HSW
-
Posts
212 -
Joined
-
Days Won
4
Posts posted by HSW
-
-
I had a similiar problem, you added your internal Network to the trustworthy zones?
In my case this was the Problem, some clients dont reach the internal DNS server.
-
See my screen, needed config of Agent. Also you must setup the policy of webcontroll to log this as "warning"
-
10 minutes ago, Marcos said:
... (not yet released)...
Thx i know this from the past, can you give me a approximately release date?
-
Hi MichaelJ,
can i setup ESET or ERA to set firewall blocks to high severity?
-
That is realy a bad News
i test actually for replacement of our hardwarefirewall. But without Infos of blocked pages/applications/ips over the webconsole the EES is useless atm for us did you know a approximate time/date/month/year?
EDIT: in 6.3/6.4 it was working or? Because i found some old logs from the last testings
-
Hi,
i need some logging for firewall notifications (blocked IPs and Websites). With webcontroll i can see all logs on ERAS but firewall logs / activities do not reach the ERAS. (local i see the log entries correct)
I activate "log" for the blogged sites. But no sending to ERAS
I want to use the "firewall threat" reports on ERAS.
The Agent is configured:
Report non-ESET-installed applications, Report network firewall issues is active
Trace log verbosity = warning)
HSW
-
Hm not realy good
but thx for info
I would prefer also a solution for marking a treath as resolved -> handeled thread = yes
Or more filter options for dynamic Groups, like resolved = yes/no
-
22 hours ago, MichalJ said:
In general, you can create a dynamic group for computers with unresolved infections.
"computers with active threats (choose corresponding conditions, active threat, threat handned = no)
On top of such group, you can assign a firewall policy, that would block all network traffic, with the exception of the ERA agent, so in fact the computer is isolated from the network, and would prevent the infection from spreading.
Hi MichaelJ, i try this but ist not correct working (in my eyes)! You can filter with "Active threats.Threat handled" = no // but if i setup a thread manual as resolved this is still mark as "active thread" so i cant setup exceptions (false alarm etc. or when ESET did not notice that the thread is not more active. Any solution for this?
Additional example are also confusing -> Thread is handeled = yes but resolved = no why?
-
First at all we have license for EES
thx
A problem for me / in my eyes are the servers. You dont provide scanner for server with firewall.
Its a cost factor. actual we have a big sophos with webprotection, proxy and more. When i want to replace this complett i have a problem with the server protection. The managing directors want to save money for the "expensive IT"
For the Clients i test it actual but its not easy for our company because we have 1000+ individual software product (some are realy old) and in the past there where many problems with the EES (HTTPS scanning, and category filter) the new Version looks fine, so i will try more and setup policy for some tester.
So i must think on many exclusions or how i can find them quick, if the empoyee cant work i get Problems ^^
-
normaly yes, but fresh windows updates from time to time sometime it activates defender because it thinks eset is not "important" enough. We disable defender for beeing save for this outtakes.
MS is MS
-
2 hours ago, Marcos said:
With EEA you can only apply a policy that will block access to all http(s) websites but you can't block communications via other protocols.
Also please let us know what made you choose EEA over EES which provides additional protection against network attacks like EternalBlue exploited by the recent WannaCryptor.
We actual use EEA because we have a addional hardwarefirewall from Sophos. And there where to much problems with EES 6.3
But i test if we can save some money with EES
Its hard to setup the correct Firewall and webprotection setups, so many possible exclusions. And your documentation of settings are not realy business like ("to small, more examples and possible mistakes FAQ") if i want to protect our Network standard setup is not enough in my eyes.
edit: I see you renew some docus, i will try again to read it
-
Ah ok you mean with EES ok, i thought there is a posibility for EEA too. Iam testing with EES actualy (if i have time ^^) but its a nice idea! I will notice it
thx!
-
We had the same problem with the new ESET 6.5. On our side it was a firewall problem (Sophos). Let the server connect to the WWW one time + connect to a http page (no https) after this all our server update regular. If you update over WWW controll if you have all exclusions hxxp://support.eset.com/kb332/?locale=en_US
i think there is a problem with https in the actual version.
i hope it helps
-
HI Guru,
provide more informations
- Mobile OS + Version
- witch browser you try
- Some Business Software using like Android for work, Blackberry, ...?
You try activation over mobile or over WLAN -> if WLAN this could be the problem, deactivate it and enroll new.
-
@HPsauce, we had similar problems with ESET + Windows Defender. Do you have deactivate it with GPOs? If not do it, one scanner is enough, two for normal HDDs the dead.
-
On 18.05.2017 at 7:12 AM, MichalJ said:
You can trigger a computer shutdown, or network isolation, if you are using V6 together with ERA 6, so you can take advantage of ERA 6 automation framework.
Hi MichaelJ, can you more explain "network Isolation" sounds realy interesting, there are exsist some documentation?
-
Hi marcos,
exclude from protocol filtering helps.
Adding with interactive mode DOESNT help.
-
Also 6.5. EES? Or only EEA?
-
Hi all,
we have a problem with skype for business, we can not login when SSL scan is active.
hxxp://support.eset.com/kb3487/ -> doesnt help
Only deactivate solve the problem.
Any tips?
thx HSW
-
On 06.05.2017 at 10:13 AM, Marcos said:
He meant that Microsoft stopped supporting Windows XP quite long ago. Without security patches, Windows XP will remain vulnerable to attacks no matter what security software you'll install.
Exactly what i mean, why not use a secure OS before thinking about to use a modern version of antivirus software? This was a answer to your question! The risk to use XP + Internet Connection is to much. We must also use some special machines with XP but without Internet Connection.
-
Why in God's name you try to install a up to date Virusscanner on a OS which has reach end of Support 2014?
Sorry but this is realy strange. XP should not connect to the internet at any time.
-
Top, this works! This mean a regular update will be pushed in some time?
-
Yes shure but you know that i cant Setup "warning" for https sites? Because the site gets blocked before ESET can give me the "allow" feature. Its good to know that you are better than others but it should work correctly
-
I read a other thread:
You say its "normal" but if we want to use this function, all employee will complain about this message. Other Virus Software can handle this, why eset can't check and do a popup from ESET. This will be a "compromise solution".
thx HSW
i test actually for replacement of our hardwarefirewall. But without Infos of blocked pages/applications/ips over the webconsole the EES is useless atm for us 
thx
Create a log on a IOT
in ESET Internet Security & ESET Smart Security Premium
Posted
Interessting
In my eyes With software Firewall only if you use a networkbridge over a PC/Server. Otherwise you need a hardwarefirewall to log this traffic.