Jump to content

MartinK

ESET Staff
  • Posts

    2,503
  • Joined

  • Last visited

  • Days Won

    71

Kudos

  1. Upvote
    MartinK gave kudos to MichalJ in CentOS 7   
    Hello, there will be soon a new version of the virtual appliance, that will be based on the Rocky Linux 9.  
  2. Upvote
    MartinK received kudos from Peter Randziak in bandwidth (traffic) usage eset protect cloud   
    Could you please more details of your concerns regarding current interval? As of now, indeed interval is not configurable, but since older versions, communication protocol was optimized in a way that there should not be a big connection overhead, especially not in case persistent connection are working properly (depends on network configuration).
    There are also transparent push notifications used in cloud PROTECT which improves responsibility of the clients for changes.

    In case there are come limits, would it be possible to provide us to us, i.e. what would you consider as reasonable traffic use for example in one hour?
  3. Upvote
    MartinK received kudos from petersonal in all in one installer not downloading   
    Before you get response from ESET support, I would recommend to troubleshoot network connectivity, especially between ESET PROTECT Server and ESET repository servers (http://repository.eset.com). Creation of all-in-one installers heavily depends on download of multiple larger files from ESET repository. Also note that firewalls and HTTP proxies in between should be verified in case it won't be clear where the problem might be.
    As ESET PROTECT Appliance is in use, I would recommend to check there is enough free resources (disk space and RAM) during procedure - creation of all-in-one installers might be resource consuming (even few hundred MBs of RAM might be required).
  4. Upvote
    MartinK received kudos from Peter Randziak in ESET Management Agent automatic upgrade   
    In case of ESET PROTECT (on-premise) there is a difference in a way how upgrades of ESET Management Agent do work:
    ESET Management Agent is not updated to latest version, but rather to "latest compatible" version. This means, that if ESET PROTECT has version 9.1, ESET Management Agents will be updated automatically only to version 9.1 and not version 10.0 (until ESET decides that there is no compatibility issue). In case of on-premise ESET PROTECT, mentioned ~1 month countdown starts in a moment when ESET Management Agent detects that ESET PROTECT has been upgraded, and thus latest compatible version has changed. So in case AGENT is not connecting to console for a long time, it won't be able to detect this change and thus it won't upgrade. It would upgrade only to hotfix or service release of AGENT, which does not happen very often. In case of cloud console:
    ~1 month countdown starts in a moment when specific AGENT detects new version in the ESET repository. This means, that in case AGENT is offline (no access to ESET repository) for some time, it's own countdown will start later. Also note that we have slightly changed algorithms for the future updates. Scheduling will be more "randomized" in a way that initial ~2 weeks delay was significantly shortened = instead of waiting for first updates for ~2 weeks, it should start sooner and thus progress should be visible from the first days.
  5. Upvote
    MartinK received kudos from Peter Randziak in Empty "OS Last Boot Time" field in Protect Cloud v4   
    As of now, there are no separate changelogs for ESET Management Agent - it is considered as an support components, and new features and resolved issues are communicated as part of ESET PROTECT or ESET PROTECT Cloud changelogs.
    Plan for the future is that ESET Management Agent with support for new features is released prior to console update, so that transition and usability of new features is more transparent and not delayed...
  6. Upvote
    MartinK received kudos from Peter Randziak in ESET PROTECT - Whitelisting and disabling public access to the Web Console ?   
    We would need more details for clarification before making any security-related decisions, but:
    Application hosted by Apache Tomcat, i.e. our webconsole deployed there is not accessed by any other service or component - i.e. you can change port and block any communication you wish. Impact on users will be inaccessible console via browser when accessing from blocked location ESET Push Notification Service indeed uses port 443 as an fallback, but this is service hosted by ESET itself, i.e. it just means that our components (like ESET PROTECT Server and Agent) are connecting to epns.eset.com:443 - so in case you are blocking only incoming connection to port 443, this should not be impacted. In case you are hosting ESET PROTECT (on-premise variant) in cloud, but your managed devices are located outside, crucial is to enable communication to port 2222 (if not changed), i.e. communication between ESET Management Agent and your ESET PROTECT Server instance. Port 2223 does not need to be accessible from outside, especially in case you are not using so called "Server assisted installation" of AGENTs. Also note that MDM management requires more ports to be opened.
  7. Upvote
    MartinK received kudos from Peter Randziak in BUG - OS Last boot time is related to reboot task   
    Would it be possible to check uptime/system boot time on the affected device using system tools, i.e. for example using command from this article: https://www.windowscentral.com/how-check-your-computer-uptime-windows-10
    We would like to know whether system reports also unchanged uptime or there might be an issue in ESET Management Agent reporting wrong value, as it currently relies on system provided date.
  8. Upvote
    MartinK received kudos from Peter Randziak in Eset web console vs Apache Tomcat v.10   
    Hi. For now, I would recommend to just stay on versions that do work for you. Indication was added to notify especially of "Windows" users which tend to use old and unmaintained versions of those components. We will probably have to target this in next release and possibly modify communication in a way that it is supposed to recommend specific component versions for the future.

    Regarding Java versions, officially only LTS versions are supported, as other versions are very short-living and tend to introduce breaking changes. We do expect that version 17 will be supported by ESET PROTECT for a longer time. But as of now, from technical perspective, console is still compatible with v8 (but this will probably change in near future).
  9. Upvote
    MartinK received kudos from avielc in ESET Failed to start 9.1.1295.0   
    Could you please provide us more details (trace logs from ESET PROTECT) via private message? It might indicate some database-related issue, possibly triggered by upgrade.
  10. Upvote
    MartinK received kudos from Peter Randziak in ESET Failed to start 9.1.1295.0   
    Could you please provide us more details (trace logs from ESET PROTECT) via private message? It might indicate some database-related issue, possibly triggered by upgrade.
  11. Upvote
    MartinK received kudos from avielc in ESET PROTECT | BUG - Preview pane not showing the latest information   
    Behavior of coloring is defined in this section for this report template:


    but it depends of what kind of data is to be rendered, as some coloring schemas might be used only with specific data values (for example severity-based coloring).
    Regarding listing of the same device multiple times, it is most probably result of report definition, which probably lists device with each scan times reported. We do collect entry for each scan reported by product, so showing only latest one might require more complex report definition or proper ordering.

    Also note, that the original issue with wrong last scan time was reported some time ago and is prepared for next service release. As I proposed, it was indeed problem with ordering, where not last, but oldest scan time was shown...
  12. Upvote
    MartinK received kudos from Peter Randziak in ESET PROTECT | BUG - Preview pane not showing the latest information   
    Thanks for reporting. It will be forwarded for further analysis, but it definitely seems to be wrong. I would expect it reports last recorded scan instead of latest as similar issue was present long time ago also in client details view.
  13. Upvote
    MartinK received kudos from Peter Randziak in EPNS not working?   
    As mentioned, EPNS service connectivity is unrelated to issues you mentioned - EPNS in this case is used to wake-up device, used for example to make modifications to device faster (i.e. executing ASAP task sooner than deice would connect depending on it's connection interval) - I guess communication to epns.eset.com was blocked in this environment which seems to be indicated by 403 response?

    In case issue with 2 devices still persist, I would recommend to double check there are no "clones" in the console. If no, troubleshooting guide: https://help.eset.com/protect_admin/90/en-US/fs_agent_connection_troubleshooting.html provides more hints - .e. checking status.html log might provide quick status, especially whether AGENT is actually running and whether it is attempting to connect to correct "destination".
     
  14. Upvote
    MartinK received kudos from Ufoto in All servers are classified as File Server?   
    Hello, we were considering this when renaming products and somehow concluded, that "File server" in this scope is still more suitable - it is not a role of the server itself, but it somehow presumes that former ESET file Security / ESET Server Security is used on such servers. But we will most probably rethink this...
  15. Upvote
    MartinK received kudos from Peter Randziak in Windows XP / EP 6.5.2132.6 - out of date message   
    As of now, version is marked as out-of-date because it is older version than version marked as compatible with your console (for your PROTECT version compatible version is 8.0). Even it works properly in this case, there might be missing support for more recent functionalities in older version of AGENT, i.e. environment as a whole might not work as expected.

    In case of other ESET products, version check considers latest version supported by operating system, instead of functionalities and thus ESET Endpoint Antivirus v6.5 is not reported as outdated when deployed on Windows XP, even it might be considered as misleading, especially now when product is communicating its outdated status directly and it has EOL status.
  16. Upvote
    MartinK received kudos from fish in Duplicate Names Being Auto Assigned to A Folder   
    From provided description it seems to be as an expected behavior of "Automatically pair found computers" functionality. There are more details in linked documentation -> in case of on-premise management console, functionality can be disabled in settings:

  17. Upvote
    MartinK received kudos from Peter Randziak in Slow installer downloads from locally hosted ESET Protect server   
    Unfortunately I do not think this is related - installing HTTP proxy would help with "creation" of the installer itself, which is indicated by progress dialog in the console itself and it involves downloading of installer for ESET repository servers through HTTP proxy, and only in case installers are not cached locally yet.

    Once generated installer is ready, download as reported in this issue is performed, and in this case, file is hosted by Apache Tomcat (where PROTECT console is hosted) and downloaded directly by your browser, so it might indicate problem with connectivity between browser and console, or performance degradation of Apache Tomcat. I would recommend to focus on those two aspects in case this issue reoccurs.
  18. Upvote
    MartinK received kudos from Mr.Gains in Incorrect OS version in report   
    I would recommend to double-check that WMI works properly on such device, as OS information should indeed update itself automatically after some time, or when change is detected.
  19. Upvote
    MartinK gave kudos to T3chGuy007 in New Client Not Reporting   
    I fixed my issue.  I opened C:\ProgramData\ESET\RemoteAdministrator\Agent\EraAgentApplicationData\Logs\trace.log and I found several errors that it could not resolve my ESET PROTECT server.  I then checked DNS on the NIC and someone had configured it with an old static DNS server.  Once I changed this to automatic, it immediately showed up in ESET PROTECT.
  20. Upvote
    MartinK received kudos from Gonzalo Alvarez in PROTECT Service crashes after few seconds   
    Feel free to send me those via private message. I would also recommend to open support ticket in the meantime, in case it will require more details to be provided. 
  21. Upvote
    MartinK received kudos from Peter Randziak in PROTECT Service crashes after few seconds   
    Feel free to send me those via private message. I would also recommend to open support ticket in the meantime, in case it will require more details to be provided. 
  22. Upvote
    MartinK received kudos from Trooper in Migration to ESET PROTECT CLOUD 3.0 from ESET PROTECT 9.0 On Prem   
    Seems it is not clearly communicated, but it is most probably there just to be sure that you are using license used for activation of cloud instance, and not some other license as that would probably violate terms of use. But in case your original license was converted to cloud, there is no need to do so.
     
    In this case I have suspicion that something might have gone wrong - migration policy you downloaded from cloud instance actually reconfigures AGENTs to use new certificate (tied to your) and start connecting to new server. But it is possible that when this reconfiguration happened, AGENT was able to very was evaluate new certificate and send this information to original servers -> I would say this won't cause any issues, but please double check that those devices are actually actively connecting to cloud instance, i.e. verify there were migrated properly. Also once those AGENTs connected for the first time to cloud instance, they should receive CA certificate used for verification of certificate - this certificate was missing previously and that is why certificate was appearing as untrusted.
     
    Unfortunately from this description I am not sure what you mean. But regardless of that,  cloud policies that are present from initial state = defeulat pre-generated policies are mostly not assigned to any groups, and also they are almost identical to those created in on-premise servers. You should be able to modify most of them (except those marked as locked), but my recommendation is to not modify those policies, and rather unassigned them and use your own if changes are required. This would let us to patch those policies later, if there will be such need - for example recommended configuration might change with new version of products.
  23. Upvote
    MartinK received kudos from Peter Randziak in Log4J Vulnerability   
    Mentioned detection is network-based, so it will be blocking all such attempts, regardless of their target and possible impact or presence of vulnerability.

    Also log4j presence in ESET PROTECT was mentioned, without any further details - in case ESET PROTECT Appliance was meant, log4j present there (and not used by ESET PROTECT services) is of older and unaffected version.
  24. Upvote
    MartinK received kudos from MichalJ in ESET agent cannot be updated   
    Would it be possible to provide more details, especially failure reason as shown in the console? There should be localized error message, but also "trace" message which might provide more details.

    In case both upgrade do fail, my best guess would be that:
    there is a problem with connectivity to ESET repository servers (repository.eset.com) or there is some generic problem, for example another installation is running, OS requires restart due to performed OS update, or maybe there is not enough disk space But regardless of that, there are multiple possibilities how to upgrade those applications, especially in case you have access to the device - for example using standalone installers that can be downloaded from ESET web page, but also using various installers that can be created in the ESET PROTECT console.
  25. Upvote
    MartinK received kudos from avielc in Question| How to migrate from MSSQL to MYSQL   
    Just note, that this will start to work only with alarms generated after this change: could you double-check you tested with some of the one ones, not those generated prior this modification?
×
×
  • Create New...