hungtt 1 Posted April 19, 2017 Share Posted April 19, 2017 Hi all, How can I create HIPS rule block application on clients from ERA. As attach file, I need to know "Specify file path" of application on client but I don't know exactly "Specify file path" of application on client, I just know application installed on client. So can I get this information on ERA server ? Thanks. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,704 Posted April 19, 2017 Administrators Share Posted April 19, 2017 Probably the best would be to connect via RDP or a remote admin tool to find out the location of the desired executable. Link to comment Share on other sites More sharing options...
hungtt 1 Posted April 19, 2017 Author Share Posted April 19, 2017 Thanks your advice. Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 430 Posted April 19, 2017 ESET Staff Share Posted April 19, 2017 (edited) It´s currently not possible. Reason is quite simple, to be able to identify the file path to all of the applications, you will have to report basically each executable location to ERA which will increase the database load, and could have a negative impact on the performance. However, blocking by hash, from a reported catalogue of applications is planned in Q4/2017. Edited April 19, 2017 by MichalJ Link to comment Share on other sites More sharing options...
hungtt 1 Posted April 19, 2017 Author Share Posted April 19, 2017 Thanks MichaIJ Link to comment Share on other sites More sharing options...
Recommended Posts