blue_shift

A few weeks ago we recognized that multiple incoming mails couldn't be delivered to our mail server anymore. After some research we found the reason for it: .prod.outlook.com - IP (xxxx:xxxx:xxx:xxx:cafe::99) found in negative cloudlist 2 Seems to happen with most of the Microsoft servers, we already contacted ESET and those IPs been deleted from the lists... but been on the list after a few days again. But why are only IPv6-addresses listed on those negative lists (the used IPv4-adresses are always fine)? It is a bit annoying to add all senders to the allowed list or contact ESET to remove them again. Those senders are all companies and the only common thing are the Microsoft servers. Anybody else recognized that?

Forgot something, I also set a proxy server in our DMZ that should only forward the agents data to the ESET server. That works pretty fine, the agent send information to the proxy in the DMZ and that forwards that information using port 2222. I don't want that updates will be loaded using that DMZ proxy from outside

I just installed the newest ESET PROTECT on one of our Windows server and also installed the included Apache proxy server. If I open the url via a browser I see that it works. I want that all internal clients get their updates from the ESET server and all clients outside the network should get them directly from the public ESET servers. In the policies I set known network zones with conditions (so ESET should be able to see if it is an internal network or not). I also set an update profile for INTERNAL and EXTERNAL use. In the internal update profile I disabled the proxy, so it connects only using port 2222. In the external update profile I set the IP and port of the proxy. Both update profiles are set in the known networks. Not all of our clients don't have any internet connection, so a central update repository is needed. The internal ESET server has internet access! + How can I check if the proxy cache is working fine? + What do I have to set in the policies that all internal clients get their updates from the proxy cache and external get them from public servers? + Where do I see if the updates come from ESET or from the internal ESET server?

Hello Marcos, thanks for your reply. Are you sure it doesn't run automatically? After I installed ESET on the server, it already imported all devices from Active Directory (problem is, there are still old devices that shouldn't be imported and I also want a different structure in ESET). I just read the rogue sensor should work for me, as it just adds devices that are found on the network. And I am able to set the networks I want to be used for searching. How can I remove the already imported devices without any danger? Can I just mark them completely and remove them or do I have to use a "special procedure" for it (other solutions are pretty "picky" with that and if you do it wrong, the devices will not show up anymore)? Thanks!

Hello everybody, I just installed the newest ESET Endpoint Security and saw that it imported all devices from our Active Directory. I got a few newbie questions and I hope somebody can help me: - Is it enough to delete the server-task for synchronisation to get rid of the AD importing? - How can I get rid of all imported devices so I can still use them later? - Where or how can I set that ESET looks for devices using IP ranges or the Windows network itself? I am sorry, I already read the manuals but there was written that I can disable the Active Directory synchronisation while installing but that was clearly not possible! Thanks at all