Jump to content


  • Posts

  • Joined

  • Last visited

About obrandt

  • Rank

Profile Information

  • Gender
    Not Telling
  • Location
  1. This worked for me. You may want to tweak the 'both' for communication direction...but this is a start at least. View - USB, Multimedia Redirection TCP Any Profile Allow Both Port: 32111,9427 View - PCoIP TCP& UDP Any Profile Allow Both Port: 4172 View - Agent reporting TCP Any Profile Allow Both Port: 4001 You may need to add 3389 to allow RDP if you're using that instead of PCoIP.
  2. Having the same issues in our environment. Except whenever I have run the 'reset cloned agent' task it never does anything. I've run it at least 6 different times and it never works. Agent deployments and security product deployments work fine.
  3. Has anyone had any success with putting the ESET Agent and Endpoint Security 6.x product on a base VMware Hoizon image? I've followed these steps from a KB article but nothing seems to work. With ERA (ESET Remote Administrator) it can be automated this way: 1. Install ERA agent and connect it to the ERA server 2. Install your Endpoint software 3. Create your image for the VDIs 4. Create a task for the deployed machines called "Reset Cloned Agent" 5. Use a dynamic group for "Product not activated" an apply a "Product Activation" task to that folder to automatically activate 6. Each time new Endpoint connects to ERA, it will automatically receive a request to activate this machine, without any user intervention. NOTE: The most important is step #4, because without doing this step the unique UUID agent numbers would be "fighting“ over it, ERA must know that it was an agent used for cloning (image / base virtual image etc.). My understanding is you create your base image with the agent on and eset product on it. Run through the process of deploying your virtual desktops using the image. Then run the 'reset cloned agent' task against those new virtual desktops. After that they should show up in the 'product not activated' default dynamic group. At which point you activate them. 'Reset cloned agent' task never even started. I waited over 24 hours. Am I missing something, doing something wrong? Thanks, Owen
  4. Within the 'computers' view the threat badges have cleared. Under the 'Threats' tab the console still shows all of the false positives. Wondering how to clear that out. Wondering at this point if the Threats tab is basically considered an archival log and I would need to delete my logs? Also, exclusions don't work for me. I've excluded the directory where the Endpoint product is saying there's an 'unwanted application', done a rescan multiple times and it still pops up. I had to completely turn off Enable detection of potentially unwanted applications, Enable detection of potentially unsafe applications, and Enable detection of suspicious applications in my policy to get it to stop. So as far as i can tell exclusions are broken in ERAS 6
  5. We have 30+ false positive threat alerts in our ERAS 6; how do I clear all those alerts out?
  6. We're slowly migrating from ERAS 5 to ERAS 6. I've pushed the 6.1.444 agent and Endpoint Security 6.1.2227 product to some test machines. All of them are flagging WinZip as a virus or potentially unwanted program even though i have c:\programfiles\winzip* defined in the exclusion list. I also have a handful of alerts about the OS not being up-to-date even though those machiens are 100% up-to-date with updates and the policy says don't alert on updates.
  • Create New...