Jump to content

Misza

Members
  • Posts

    13
  • Joined

  • Last visited

About Misza

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    Ireland
  1. But Detection exclusions can only be set once the detection occurs, correct? And these can only be set per endpoint on which the detection occurred. My aim is to prevent from these detections to happen on multiple endpoints. so the application installation/upgrade proceeds without any interruptions, and notifications on user side.
  2. @Marcos Thank you for your reply, am I correct in saying that Performance Exclusions can be set to prevent ESET from scanning a given path, and no detections should occur from a folder set in the Performance Exclusion Policy. So for example if I set C:\ProgramData\{4CEC2908-5CE4-48F0-A717-8FC833D8017A}\* path in the exclusion policy no detections should occur in that folder and its subfolders, correct? Using https://help.eset.com/protect_cloud/en-US/create_exclusion.html as a reference.
  3. Hi Marcos, thank you for your reply. Are performance exclusions via policy able to achieve same as setting up Detection Exclusions on the endpoint's AV? Can you point me to a bit of documentation on how to set up these.
  4. Hi ESET community, can exclusions as per linked document below be set centrally in ESET PROTECT web console as a policy and applied to a group of endpoints. https://kb.teramind.co/hc/en-us/articles/1500006056281-Antivirus-Configuration-Guide#eset-endpoint-security-0-20
  5. @Marcos Tested more and unfortunately it does not work, still get detections in the folder that was added to performance exclusions. There is no other policy in place that would negate these settings. Tested on couple of endpoints. it will not work, unless when based on the detection I will create an exclusion for path and detection.
  6. Have the performance exclusion set to C:\ProgramData\{program_name}\* so my assumption was anything within {program_name} including subfolders will be excluded. Policy applied to the endpoint, unless I need to give it a higher priority. But there is nothing above it in the policy order which would negate it.
  7. Hi Marcus, Did just that, yet the errors still pop up. Is my understanding correct that performance exclusions via policy will only exclude for the scan purposes and detection exclusion is a separate thing?
  8. Hi Marcos, that is somewhat correct, more precisely I don't want any detections to be triggered on files in a certain folder. So this folder is completely whitelisted, and skipped by the detections module completely. There is a bit of software that uses this folder and whenever it receives an update this triggers the detection engine. Each time an update is received its unpacked to this folder, the hash and file name differ each time a new update is unpacked in that folder. so I cant really exclude it by name or hash. Therefore was looking how to whitelist the whole folder. Detections are triggered with a cause: Win32/RiskWare.nameofprogram or with Suspicious Hope this makes sense, I can provide more info if needed. * edited some typos
  9. Hi Marcos, thank you for your reply. I thought having to remote onto a pc and setting these could have been avoided, as I have a good few computers to cover. That's a pity. I assume there is no way to automate this in any way?
  10. As in the title, is it possible to create an detection exclusion for a folder and its subfolders? In ESET Protect console so far I can see I can create an exclusion from an already triggered event. Is it possible to create an exclusion from a scratch? And specify that any detections within a specific folder and its subfolders to be ignored?
  11. just to shed a bit more light on it. This is what the end user sees after I run an update task on the outdated Endpoint AV from that particular endpoints menu and tick the "Automatically reboot when needed" tickbox. After task completes the enduser is presented with the above notification. My question is if that reboot delay can be extended further, and instead of 30s end user has maybe 5 minutes before the reboot is performed?
  12. Hi , is it possible to change/extend the timeout on the reboot prompt as per ss below? so the user has maybe 2 mins to save their work etc before forced reboot.
×
×
  • Create New...