PXCSW 0 Posted March 21, 2017 Share Posted March 21, 2017 Hi, I updated an Endpoint Antivirus and Endpoint Security Client from 6.4 to 6.5 to try it out. The first thing I see is a big reg warning, telling me that I should enable ESET LiveGrid. I run an ERA 6.5 Server and have knowingly disabled LiveGrid via Policy. But now those clients also show up in the ERA Server with a red Warning and a "Security Risk". I have no intention of activating LiveGrid. How do I disable this Message in the Client and Server? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,242 Posted March 21, 2017 Administrators Share Posted March 21, 2017 LiveGrid is a crucial protection functionality. By default, checking file or url hashes against both the local LiveGrid dabatase and cloud LiveGrid servers is enabled in ESET's products. Disabling LiveGrid completely (ie. even checking hashes against the local and cloud LiveGrid database) has adverse effect on protection and substantially deteriorates detection and protection capabilities of the ESET product when it comes to newly emerging threats. Disabling LiveGrid completely will cause that a detection of a particular malware (e.g. ransomware encrypting files) will be added with the delay of several hours instead of ESET being able to detect and protect you from it virtually instantly. In environments with a strict policy where no submission of statistics or files is allowed, the following policy is recommended: As for submission of samples, this setting should be kept enabled in order for automated systems or malware analysts to generate smart detections for suspicious (malicious) files and to improve cleaning. Sensitive files, such as documents, are excluded from submission by default. Even if you decide to turn off LiveGrid completely (not recommended) and take the risk, you can disable changing of the protection status in the Applications statuses setup in the Tools section. Link to comment Share on other sites More sharing options...
KarolB 0 Posted September 26, 2017 Share Posted September 26, 2017 Hi Marcos, Your explanation is understood, but I still need to mute these alerts. We are in the middle of migration from v5 to v6. Currently, I am struggling to find clients with other issues, because ALL my clients report LiveGrid disabled. This is very inconvenient, because I will not see any other issues if they pop up on my clients. And at this point, this is more important. So, I need to either: - hide all LiveGrid alerts until I am ready to deal with LiveGrid - force activate LiveGrid on all clients (which only by policy does not work, I am still getting the alerts) So, what can I do, please? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,242 Posted September 26, 2017 Administrators Share Posted September 26, 2017 10 minutes ago, KarolB said: So, I need to either: - hide all LiveGrid alerts until I am ready to deal with LiveGrid - force activate LiveGrid on all clients (which only by policy does not work, I am still getting the alerts) You can temporarily disable notifications about LiveGrid via a policy -> User interface -> Application statuses. Remember to remove it later when you are ready to use LiveGrid. LiveGrid will enable: - quick response to new threats without waiting hours for detection engine update - better performance thanks to omitting popular files from scanning - better cleaning of malware, especially if detected running in memory Link to comment Share on other sites More sharing options...
Recommended Posts