[Database update policy for online/offline use]

18 hours ago, MHRSFI said:

Hey guys
I want to make an update policy for my clients so if the local update server was available they update from that server but when it was not available (like outside of network) they get updated from ESET servers.
How should I create this policy?

As i know, by default, clients will update database via proxy of the Eset protect server, which called Eset Bridge via port 3128. If it was disabled, you can create the new policy to use.

If clients can not communicate with Eset protect server, it will update direct with internet ( out side of network).

Hope it will help.

 

[Encrytion failed to start]

1 minute ago, Kstainton said:

Hi @eornate,

Could you acquire this log for me: https://support.eset.com/en/kb7123-eset-encryption-diagnostics-tool and DM me with it.

I shall let you know what the problem is, if I cannot see one, a ticket shall need to be submitted, but we can sort that after I have taken a look if needed.

Thank you,

Kieran

Thanks your quickly response.

Yes, i will.

[Encrytion failed to start]

Hi ,

Today i have the issue with start encryption with error below :

 

i've checked on this link : Troubleshooting | ESET Full Disk Encryption | ESET Online Help but has no the solution.

Could you please help me to check this ?

 

[License for Eset file server security]

14 hours ago, Marcos said:

It appears there are no errors logged in the Event log. Could you provide a screenshot of the error?

Also please enable advanced network protection logging under Tool -> Diagnostics prior to rebooting the server. After the error has occurred after a reboot, disable logging and collect fresh logs with ESET Log Collector. There should be some etl files created in C:\ProgramData\ESET\ESET Security\Diagnostics.

Hi @Marcos,

The customer removed version 10 and installed version 11.I'll note this case for in the future.

Thanks your support.

[License for Eset file server security]

2 hours ago, Marcos said:

ESET Server Security contains Network protection which is a part of the firewall. Please provide logs created and collected as per the instructions above which will likely provide more information on the issue.

Thanks your suggested. This's log on the server

 

efsw_logs.zip

[License for Eset file server security]

11 hours ago, Marcos said:

It is a license for ESET Server Security. Couldn't it be that it was installing during an RDP session? In such case the firewall remains disabled until you configure the trusted zone and re-enable it. If that's not the case, olease carry on as follows:

1. Enable advanced logging under Help and support -> Technical support
2. Reboot the machine
3. Reproduce the issue
4. Stop logging
5. Collect logs with ESET Log Collector and upload the generated archive here (only the ESET staff can access attachments).

Hi @Marcos ,

Thanks your reply.

However, the customer installed the version 10 ( as i know it has no firewall) so what the reason with "Firewall is non functional" ?

[License for Eset file server security]

Hi everyone,

As far as i know, with the product "ESET Server Security for Microsoft Windows Server" will have no feature "FIREWALL" on version 10, and with the version 11 , this feature have to active with the license "The Firewall is available only if you have an active ESET PROTECT Entry Tier subscription and above"

My customer just bought the license standalone ( 1 license for file server, it called Eset small business security) and install with the version 10.0.12015.2, however it alerted the "Firewall is non  functional. " I don't know this license will match to what the Tier in Eset protect Essential/Entry or above. Could any one please explain for this one ?

Thanks in advanced.

 

[Full Disk Encryption - Recovery Password has reached its usage limit]

2 minutes ago, Kstainton said:

I would advise reporting this issue via https://www.eset.com/int/support/contact/ with these logs: https://support.eset.com/en/kb7123-eset-encryption-diagnostics-tool as we have not had this reported in the past, nor have we encountered this during any internal usage or testing of EFDE.

However, I would suggest that they setup a Workstation with the default policy with EFDE (Which they likely have done since decrypting it after they were unable to use the Recovery Password) and simply attempt to use the Recovery Password 5 times to see if they can replicate this issue now.

Thank you.

Thanks your reply, i will inform customer.

[Full Disk Encryption - Recovery Password has reached its usage limit]

2 hours ago, Kstainton said:

That would suggest that they have the Policy set for "Maximum Uses" as 1 or if it is default (5) then they have actually used the Recovery Password 5 times.

Thanks your response.

I also suggested that but they said they have no policy, just use default when deploy EFD and they conform they just used only  1 time.

[Full Disk Encryption - Recovery Password has reached its usage limit]

On 3/1/2024 at 9:13 PM, Kstainton said:

Once you decrypt this machine and re-encrypt it with the policy you have shown, it should be take on the policy you have shown and thus be using "Automatically generate new recovery password" as enabled. I haven't seen an issue before whereby it is set before FDE and not automatically regenerated unless it hasn't been able to communicate with the ESET Protect Console.

Thank you.

Hi @Kstainton ,

How can we know the root cause on this ? My customer has the same issue but he said he just use the Recover password one time . Now he have to decrpyt and want to know the root cause ?

Thanks,

[I migrated VA from CentoS to Rocky Linux, however the virtual machine starts but I have an error in the database]

On 5/2/2024 at 12:00 AM, Marcos said:

Since this is an English forum, we kindly ask you to post in English.

Please carry on as follows to resolve the issue:

1. stop the PROTECT Server service

systemctl stop eraserver

• check if the service has been stopped

systemctl status eraserver

2. install the MariaDB ODBC driver

yum install mariadb-connector-odbc

• check if the driver has been correctly installed

  yum list installed | grep mariadb
  mariadb-connector-c.x86_64                3.2.6-1.el9_0                       @appstream
  mariadb-connector-odbc.x86_64             3.1.12-3.el9                        @appstream
  

3. check the alias of the ODBC driver and search for the following section:

less /etc/odbcinst.ini

[MariaDB]
Description=ODBC for MariaDB
Driver=/usr/lib/libmaodbc.so
Driver64=/usr/lib64/libmaodbc.so
FileUsage=1

• verify if such file is present

ls -la /usr/lib64 | grep -I libmaod*

-rwxr-xr-x.  1 root root    326688 May 25  2022 libmaodbc.so

4. modify the "StartupConfiguration.ini" - replace the "MySQL ODBC 8.3 Unicode Driver" with "MariaDB" so the final configuration file will look like follows:

vi /etc/opt/eset/RemoteAdministrator/Server/StartupConfiguration.ini

DatabaseType=MySqlOdbc
 DatabaseConnectionString=Driver=MariaDB;Server=127.0.0.1;Port=****;User=***;Password={****};CharSet=utf8;NO_LOCALE=1;NO_SSPS=1;Database=era_db;

5. start the PROTECT server service

systemctl start eraserver

Hi @Marcos, i tried to deploy again with this VM ( i snapshot this VM and backup database before) but it was not successful and appear the error :

How to i can restore my server ?

 

[I migrated VA from CentoS to Rocky Linux, however the virtual machine starts but I have an error in the database]

On 5/2/2024 at 6:59 PM, CNNS said:

Might be Off-Topic but the provided Steps from Marcos also helped to get the Webconsole Login working again after an OS-Update of the Rocky VA.

Error Message upon Login was:

Login failed: Connection has failed with state "loginConnectionStateNotConnected"

 

I have the same issue after done those steps from Marcos.Now i can not log in the webconsole. 

[About URL list management]

23 minutes ago, itman said:

Appears BBC is linking to another web site to display web page content;

Yes, i forgot about the linking to other. Thanks.

[About URL list management]

9 minutes ago, Marcos said:

Add also "*.bbci.co.uk/*" to the list of allowed addresses.

It worked , Thank you.

[About URL list management]

Hi everyone,

I have the issue with URL list management.

I have the rule block all :  rule block with *

And rule allow with :

However, when i access the url, which was allowed , the content in this site was not load pictures :

Anybody can help me ?

[ESET interface password]

17 hours ago, Luciano Grosso said:

Thanks for the reply. I have already applied that. What I need is that the user cannot open the ESET interface directly, is this possible? Thank you.

HI,

You can reference this link : User interface elements

Hope it will help.

[How to get serial Bluetooth device]

Hi every one,

How to i can get the serial number Bluetooth device like the Disk storage ?

 

[Network isolation on cloud is not available]

4 hours ago, eornate said:

Hi everyone,

On my cloud, the feature "Network isolation" is not available

I have to into the ESET INSPECT to use this feature.

On the on-prem, i can use this one 

How to i can use this one on cloud ?

At current time, i've used this feature on cloud. Is there problem and it've fixed ?

[Network isolation on cloud is not available]

Hi everyone,

On my cloud, the feature "Network isolation" is not available

I have to into the ESET INSPECT to use this feature.

On the on-prem, i can use this one 

How to i can use this one on cloud ?

[About Eset Live Guard]

2 minutes ago, Marcos said:

The answer is in the article you have quoted, ie. the maximum size of submitted files is 64 MB. Larger files are not analyzed by ESET LiveGuard.

Hi @Marcos,

Thank your reply.

Yes, I know.I mean that which the file > 64MB -> how to ESET would protect endpoint with this file (unkown before) ?

[About Eset Live Guard]

Hi every one,

I have a question about Eset live guard.

What is the maximum size of a file which can be sent?

ESET Security products can submit files up to 64 MB in size. You can define a maximum size to send in your policy for ESET LiveGuard Advanced.

So if with the file greater than 64MB, how to ESET analysis this file before use ?

Thanks in advanced.

[Duplicated clients on Eset protect On-prem ( OVA rocky 9)]

Hi everyone,

Today, after migrate Eset from OVA centos 7 to new OVA rocky 9, i experienced the issue : the client was appear duplicate on the portal, i just have only one this client and have no clone machine. Have you been ever experiencing with this ?

And i have a question with task "Reset Cloned Agent ", i was not use the task before and i don't know when use this task although i read the guide.Anybody can explain to me  for the scenario ?

Thanks in advanced.

[Can not install efs on rocky server]

1 hour ago, kurco said:

Hi eornate,

it look like enhanced security is enabled and package manager is unable to check GPG keys. Our package isn't signed and therefore installation is failing. You should be able to install efs manually, but you need to skip gpg check. 
 

sudo dnf install --nogpgcheck ./efs-10.2.41.0.x86_64.rpm

Regards,
Kurco

Thanks your reply. 

It worked.

 

[RE: #CASE_00729049 - Module update failed and Could not connect to server]

33 minutes ago, Microbe said:

You can now closed this issue. 

Problem has been resolved

 

Cheers, 

Gilben Castro

could you share the solution ?

[Can not install efs on rocky server]

Hi everyone,

Today , i tried to install the efs-10.2.41.0x86_64.rpm on my server however it can not.

I used task on eset protect server and tried install manually on server but the both have the same issue with error :

I tried use "dnf clean packages" and reinstall but it same the error.

How to i can install efs for my server ?

Thanks in advanced.