Jump to content

avielc

Members
  • Content Count

    170
  • Joined

  • Last visited

  • Days Won

    3

avielc last won the day on June 8 2017

avielc had the most liked content!

Profile Information

  • Gender
    Male
  • Location
    Israel

Recent Profile Visitors

1,121 profile views
  1. Thanks for answering @MartinK! and also, Thank you for explaining that. I am facing a problem now, I hope you can help me resolve. I'll sum up everything you said into the following statement: "This is the application level security between the agent and the ESMC" Which is great, but in terms of Apache\Proxy, I would like to add a layer of security there. Problem is I tried to add HTTPS as well as password protection, but both failed to allow the agent to report. Could you help me with what solution is supported by the agent (we are talking about replication purpose only, if there are any updates, I allow the agents to download from ESET-servers directly wherever the employees are (home etc)) Looking forward to hear from you Thanks for helping!
  2. @MartinK @MichalJ @Marcos Hi Guys, Can I ask you for the specifics of how Agent reports to ESMC via Proxy? I need to provide my company the specifics on how secured it is. I understand that the agent needs to report replication to ESMC in order to receive updates\policies, dynamic groups etc. But in difference to receive updates - this HTTP Proxy can NOT use HTTPS and can not have credentials on it for replication. So to understand better and provide the right info to my company. What is secured in the replication process via PROXY if I can't use credentials or HTTPS communication to it. (and please be as detailed as possible.) Thanks!
  3. Not sure I fully understand, but will an agent still be able to report back to ESMC using squid?
  4. So, how come that feature exists in the first place. and also, if it's not supported, what other options do I have to secure an agent connection to an ESMC server without exposing the ESMC to the internet?
  5. Hi @MartinK Thanks for the reply. I'll answer following your points. it is mandatory in my organization to have some safety over opening connection to the outside world. so having a proxy without any kind of security on it, is simply not allowed. - so Could you please elaboarte why it's not possible? I'm adding the credentials to the agents using an agent policy, should be good enough, no? That might be from the trace.log - agent trying to find the eset-server while changing to an external network. which would make sense and then create a "fallback" to the proxy. That's what I fear I might have missed some settings on the proxy for it to communicate with the eset-server. Is there somewhere clear enough to give that information? any settings I need to do on the server side for it to accept connections from the eset-proxy? After all the proxy is simply a linux machine with httpd pre-installed + mod_ssl and some conf file I'm trying to mash up from all the instructions lying around for windows and linux (non are clear enough on what should or shouldn't be, e.g. windows have "Virtual Server:3128" while the Unix doesn't... it's quite confusing) as mentioned in 3, you're probably right, just found out half hour ago about that "Allow CONNECT 443, 569 2222" no idea what that is about or how to make it work. Also, another point that might matter. I added to the eset-server certificates to make it SSL approved. unfortunately the proxy doesn't have - and it seems to return a lot of Curl(60) or (56) errors about certificate not set correctly (i'm testing with Curl --proxy to see if it works. which I either get html code 403, or 407 as mentioned in the logs. any idea how I should set it up right? If you can help me with a proper .conf file (at least as close as possible without some specific names like domain\authentication that'll really really help! Thanks
  6. Hi, So I'm trying to setup apache proxy to allow clients to reach the eset server while being connected outside the office network (e.g. home) I've setup an apache machine in the cloud with open port to the outside (currently set it up on something random) Deployed agent policy on a test machine made sure it was received through the statue page. moved to external network - checked welcome page and saw I have access there. but the agent fails to report on the following error: attaching text of trace + message from the status.html on the agent data. - trace.txt Also attaching the apache logs in debug level. - apache.txt Please notice the following points: 1. a unix machine installed on the web with ESET Management agent that is reporting back to ESMC without a problem 2. Basic httpd installation part of a centos machine, on the server followed the instructions on https://help.eset.com/esmc_install/70/en-US/http_proxy_installation_linux.html 3. changed it a little to try and make it work better (somehow managed to lose the grant deny error I had at first - but it might not be a good thing according to the log. Something I noticed but i'm Unsure of. is there some configurations I need to do on the server side to accept these connections from the apache? adding a certificate or something? (Just noticed I have a proxy certificate available in ESMC) Thanks trace.txt apache.txt
×
×
  • Create New...