kingoftheworld

The problem with removing the duplicate seat is exactly as you mentioned. If the device is a laptop and checks in the first time with a wired NIC to activate, then checks in with the wireless NIC later activating a second license, how are you supposed to tell the difference between which one is which? I have stopped removing duplicates because it has generated a service ticket when I incorrectly guessed the wrong one and was showing deactivated messages on the client side.

However, with the mirror configuration, this internal and external access does not work well if the end-user triggers an update from the application menu. This will likely result in an error when the client is unable to reach the mirror server. I wish ESET would standardize this behavior between the PC and macOS versions of the product into a simple try server/config A first, if fail or unable to connect, try B.

Yes, the remote host field should give you the FQDN or IP of the public IP of the device.

Agreed on this part. I am actually almost hesitant to move from 6.5 to 7 until it is a couple major revisions in. But the sooner I get my hands on a beta version to install on my dev server, the sooner I will feel comfortable.

Do you have any information as to the next revision of the server will be released? Or will the next big release be ERA7?

Great! I am looking forward to the release!

I have found that to be problematic for a couple of reasons. 1. If the machine has just been powered off for an extended period of time. I don't really want to delete the object since that will lose all information about the device. If the machine has been reimaged, I only want to keep the one with the most recent connection. 2. I have found this to be problematic with licensing when selecting the remove option license. For example, I believe when a machine is named "CompName123" and that machine is reimaged with the machine "CompName123", when the delete non-connecting machines task is issued with the remove license. I have not heavily tested, but I believe in a couple of cases it is being removed from both the old and new object. In ERA 6, this is an issue since you have to reissue the activate command to the object rather than in previous versions of the server issuing the license from the server automatically.

One thing I know would be useful to me and my team is a way to quickly purge or remove machines from ESET that are duplicates or even stale machines from ERA 6. We have found that as machines are reimaged, or removed from the domain, their ESET object remains. I understand that ESET doesn't receive any notification as far as when these events happen, but if there was the ability to easily do a clean up within the console, this would be very helpful. My current process for this is to build a machine report to a specific OU, download the CSV into Excel, and do some filters to evaluate duplicates. This is tedious and time consuming to do. Would anyone else find this useful?

If you are good with SQL, you can build the report you are looking for. That is how I built a similar report. It takes a little bit of poking around to understand the structure, but with a few joins, it is possible

If anyone is interested in a work around, I added the URL to the "Exclude from Checking" in the Web Protection section of a policy. It seems have resolved the issue. Will remove this entry once the definitions are updated.

Experiencing the same here

Any ETA on the new mirror tool and ERA server to manage the new endpoint?

I am running 6.5 agent and endpoint

I see that on roughly 200 of my 5000 clients. On the endpoints, all appear fine. All are on a standard image and generally configured the same. Sometimes a restart of the machine makes it go away.

I would recommend reading the release notes for each version. Each version, can include security fixes, bug fixes, or just general stability fixes. I think it would be best to check out the notes on the Downloads page to see if any of the fixes warrant you upgrading your clients.

I would like to confirm this as well. Except, I have about 6,000 endpoints and it is not with all of them, but enough to be noticeable. Out of curiosity, what is the status that is being reported to ERA? In my specific case, I see that the machine in ERA is reporting the status that the definitions are out of date. While this is true, the underlying status of the product not being activated in not being reported. On the client, it clearly states that the product is not activated. I opened a ticket this morning with support, but I would like to know if others are having similar issues as well.

Understood and heard. However, it is easier said than done in 7,500 client environment having to go through our Engineering teams and Change Management. That part is in progress. The clients are in fact no longer activated. It is possible they were left offline for an extended period of time and ELA deactivated them after 180 days, which is what I have it set to. However, the status showing in ERA is that the definitions are out of date, which is true because the clients are not activated. However, the status of the machine not being activated is not being reported, but is apparent when directly accessing the machine.

I am seeing an issue on a bunch of my clients where the status "Product Not activated" is not being reported back to ESET Remote Admin. However, I do see the status that the definitions are out of date. However, once I physically or remotely connect to one of the clients, it is displayed there. Has anyone else seen this? I am running ERA 6.5 server. Clients are running ERA 6.3.* to 6.5.* agent. and mostly 6.3 A/V

Should be no problem for 1000 endpoints. Check out their Infrastructure Sizing guide, hxxp://help.eset.com/era_install/65/en-US/index.html?infrastructure_sizing.htm I currently have around 5,000 clients on one server in our datacenter, and I will probably add another 3,000 or so. A lot will depend on how often you set your clients to check-in. I have mine running at 10 minutes, and I would say the traffic is fairly minimal.

+1 for HTTP server. Too many issues using a SMB share. I am using IIS to distribute the updates and have a second folder where I store the A/V packages for easy distribution within my network. Any will work though, Apache, Nginix, etc.

Can I get a beta license for this?

The better question is why are you using Server 2003 to run a security application?

Thanks! Is there any timeframe for the big 7 release? From what I can gather, 6.5 may be the end of the 6 series?

Thanks for the quick reply. I think what you mentioned may already in the works. We had your VP for Sales visit our site last year, and our sales rep mentioned that someone from ESET was planning another visit this year. I am not sure if it is more geared towards sales or product improvement. I will reach back out once I get some more details of the already planned visit.

If it is for ERA 6.*, you can generate a shell script from your ERA console. Much like you likely did for Windows. Then you can either log into the desktop or via SSH and execute the script. You may have to modify permissions on the script to allow for execution.