Jump to content

MartinK

ESET Staff
  • Content Count

    1,623
  • Joined

  • Last visited

  • Days Won

    54

Kudos

  1. Upvote
    MartinK gave kudos to Marcos in PUP not handled   
    Today we've released a fixed version of the Antivirus and antispyware module 1552.3 which addresses cleaning issues on Mac. Could you please check if PUAs are now cleaned properly?
  2. Upvote
    MartinK received kudos from MichalJ in console cloud   
    Any chance it resolved itself automatically after a time? We are currently experiencing issues with license synchronization, which is targeted by release that is rolling out this week.
  3. Upvote
    MartinK received kudos from MichalJ in Eset Endpoint Cloned Agents   
    There has been support for cloning implemented in ESMC, which means this scenario should be handled automatically if properly configured, without executing mentioned task.
    Once machine was cloned, new Cloning Question for ESMC administrator should have been created -> until it will be resolved, cloned devices won't be able to communicate with ESMC and thus not able to reset itself. There is possibility to resolve it in a way that every other clone of specific device will automatically results in creation of new devices, as if reset cloned task was executed. I would recommend to check whether there are any cloning questions available -> they should be accessible through client details of "master image" or in status overview in ESMC console.
  4. Upvote
    MartinK received kudos from Peter Randziak in database create error occurred during ESMC install   
    Problem seems to be in MySQL ODBC driver used. Unfortunately ESMC 7.0 does not support latest versions as there is some bug in driver itself. It was supposed to be fixed in ODBC driver 8.0.16 released recently but seems there might be some another issue.
    I would recommend to check documentation where latest supported version of MySQL ODBC driver is mentioned. If I recall correctly, latest working version is 5.3.10.
  5. Upvote
    MartinK received kudos from Peter Randziak in Question over encryption between Eset Security Management Center Server and database   
    I would recommend to check file:
    %PROGRAMDATA%\ESET\RemoteAdministrator\Server\EraServerApplicationData\Configuration\startupconfiguration.ini which contains connection string as used by ESMC. Please make sure you create backup before doing modifications. Resulting connection string is passed to SQLServer ODBC driver and thus all parameters supported by driver should be working. Also be careful with using reserved characters as are @,{,},... as it might require special escaping to work properly.
    Also be aware that changes in this file might break upgrade of ESMC in the future, and even if upgrade is successful, it might replace this file with new one, without custom changes you made.
  6. Upvote
    MartinK received kudos from Peter Randziak in Erro agent Deployment From console ESMC   
    Unfortunately remote deployment task has a glitch that it shows successful installation even in case installation actually failed. This is issue of last phase of installation, so it means ESMC is able to connect to this device, but either download of AGENT installer or installation itself fails. Most probable cause is download, especially in case device has limited access to internet or ESMC is configured to use HTTP proxy.
    I would recommend to create Windows live installer in console (it is bat script) and try to execute it manually on device. It will behave exactly as it executed remotely, but local execution might help diagnose the issue.
  7. Upvote
    MartinK received kudos from Peter Randziak in Multihomed host - ESMC 7.x   
    That is correct column for this scenario. Remote host shows IP address as seen by ESMC, which is suitable for remote clients, until they are not hidden behind NAT router or load balancer which would result in multiple devices with the same IP address.
    IP addresses shown in other column are based on local state on AGENT, where IP address of interface with highest priority should be shown - but it might have no relation to interface that was actually used to connect to ESMC.
  8. Upvote
    MartinK received kudos from Peter Randziak in Query over TLS1.0   
    Hope that helps. Crucial parameters are:
    sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA" where you can limit not only TLS protocol but also list of supported cipher suites, even when we have already enabled only those most secure and considered as secure by various analysis tools.
  9. Upvote
    MartinK received kudos from Peter Randziak in Query over TLS1.0   
    Unfortunately this is not configurable via UI. It i actually part of Apache Tomcat configuration distributed with ESMC. Please check following KB3724 but just search for TLSv1 and you will understand what to search for in server.xml configuration file. There is no need to follow this KB as it is unrelated.
    Regarding question why it TLS1 enabled by default - it is due to backward compatibility as ERA6 clients were using TLS layer provided by system itself, and we do still support older systems (Windows XP as an example, but also older Linux and macOS) which do not support TLS 1.2.
  10. Upvote
    MartinK received kudos from Peter Randziak in Future changes to ESET Security Management Center / ESET Remote Administrator   
    Unfortunately I am al so not sure how it was meant. We are officially declaring maximal number of managed clients to 10000 when using MySQL database, but it is not related to number of actually connecting clients, but rather limit is amount of data. ESMC installed over MySQL might have performance issues with processing larger amount of data and rendering larger datasets. As an result rendering of specific reports (threats for example) might be much slower, but in "clean" network even much larger environments can be managed with MySQL-based ESMC installation.
    Persistent connections as introduced in ESMC should actually significantly reduce load of ESMC server, especially in "dormant" state when no changes are made in management console. If properly configured on recommended HW, ESMC should handle hundreds of clients per second.
  11. Upvote
    MartinK received kudos from Peter Randziak in How to configure ciphers for communication between ERA Server & Web Console   
    For future reference -> this is actually bug in ESMC itself and should be resolved for upcoming releases. In case there would be no issue, weak ciphers would be disabled in so called "Advanced security" mode which is available in ESMC's configuration. Those weak ciphers are available only for older ERA Agents connecting from even older operating systems (Windows XP, ...) where no secure algorithms were available in system.
×
×
  • Create New...