Jump to content
Aryeh Goretsky

Future changes to ESET Endpoint programs

Recommended Posts

Hello,

The goal of this message thread is to provide ESET with specific feedback on changes and new features you would like to see in future versions of ESET's Endpoint programs, such as ESET Endpoint Security, ESET Endpoint Antivirus, ESET NOD32 Antivirus for Mac OS X Dekstop and so forth. Please use the following format when providing feedback:

 

Description: A very specific one line description of your feedback.

Detail: A more detailed explanation of your feedback. Please feel free to make this any length, but be sure to use terms everyone can understand. If your suggestion is an extension or update to an existing discussion, please include a link to it in your message.

Here is an example:

Description: OS/390 support

Detail: We use an IBM System/390 at work to run line of business apps and heat our office during the winter. I think ESET should make a version of ESET File Security for OS/390.

You are welcome to discuss the merits of each and every suggestion, but keep your comments on topic, concise and thoughtful. There are other parts of the forum to discuss issues.

NOTE: When making your requests do not make general statements such as "better detection, HIPS, firewall, cleaning, and so forth." ESET's threat researchers constantly examine new threats and release updates to the virus signature database and to the modules in order to improve these functions. If you have a specific feature or functionality you would like to see added (or improved) please post it here, but general requests to "make things better" are not helpful because they do not give ESET detailed enough information. Thank you for your understanding.

Regards,

Aryeh Goretsky

Share this post


Link to post
Share on other sites

I am a former Symantec Endpoint user. I switched the whole organization over to ESET Endpoint Security because it was a far better product. But as with all comparable software, there is always something that the other guy has that you wish you had.

Description: Ability to quickly verify that ESET client is reporting back to ERA server.

Detail: With Symantec, the system tray icon is a gold shield that would display a GREEN dot whenever it was reporting to the main server. The green dot would be missing if it was not reporting to the main server. Which was a great visual aid for our end-users to see if their system is checking-in to receive the latest policy updates and definitions. It would be a great feature add-on for ESET to have a similar display icon that visually indicates that the client is checking-in with the ERA server. Perhaps have the "eset-eye" turn a different color when it is connected to the ERA server. See examples below:


Green = Normal, up to date, checked-in to ERA server

post-1822-0-18037900-1382097375.jpg

 

Blue = Normal and up to date, not reporting to ERA server

post-1822-0-65882800-1382097374.jpg

 

Red = Problem!! Needs attention!

post-1822-0-72080900-1382097376.jpg

Share this post


Link to post
Share on other sites

Description: Eset Policy converter



Detail: On release of version 5, there was a new settings tree in the remote administrator console. Even just to apply the same settings from pre version 5 to a version 5 machine it required manually selecting each option. A converter that applied one versions settings to the next version where possible and alerted to settings that had changed or could not be transferred.

Share this post


Link to post
Share on other sites

Description: Linux version of ERAS

Detail: MS licensing terms effectively prohibit running ERAS on a non-server version of Windows (at least, for post-XP). It harms SMBs trying to avoid MS Server + CAL pricing but willing to pay for Windows (usually OEM Windows) endpoint protection.

Edited by aehrlich

Share this post


Link to post
Share on other sites

Description: The ability to customize notification messages to sites that have been blocked/filtered through ERA policy.

 

Detail: Currently, when an employee is prevented from accessing a site that fits a certain category, for example "Gambling", they see a notice that the site was blocked because it fit the "Gambling" category.  It would be great if we, the IT Admins, were able to customize the warning message that the end user sees. For instance, we could customize the message to "Notify the user that the site they are accessing violates XYZ policy, etc. And to contact the Help Desk should they require further  assistance."

Edited by Aryeh Goretsky
message moved from Future Changes to ESS thread

Share this post


Link to post
Share on other sites

Description: Ability to use wildcards in paths to block traffic from application/executables
 
Detail: Frequently applications use different installation paths (for example x64 or x86 versions) or allow to run without installation. Wildcards in paths allow to block application regardless of location. 

Share this post


Link to post
Share on other sites

Description: Ability to exclude sites from Protocol Filtering by FQDN instead of just IP Address

 

Detail: We have found that in some cases, certain websites need to be excluded from Protocol filtering for the personal firewall in Endpoint Security.  In some cases, finding the IP Address for these sites is very difficult, as some sites use such a wide array of IPs. 

Share this post


Link to post
Share on other sites

Description: Ability to exclude sites from Protocol Filtering by FQDN instead of just IP Address

 

Detail: We have found that in some cases, certain websites need to be excluded from Protocol filtering for the personal firewall in Endpoint Security.  In some cases, finding the IP Address for these sites is very difficult, as some sites use such a wide array of IPs. 

 

DNS comes to mind on this request.

Share this post


Link to post
Share on other sites

Description: Ability to exclude sites from Protocol Filtering by FQDN instead of just IP Address

 

It's possible to exclude particular urls under Web protection -> URL address management.

Share this post


Link to post
Share on other sites

Description: Setup routine under the current software build is too lengthy.

DETAIL: This applies to the new version only. 

 

Redact Helper comment

Edited by siljaline

Share this post


Link to post
Share on other sites

We allow (and encourage) users to help other users. In this particular case, if a user makes a feature request and a user either sees a way the issue causing this feature request can be resolved, we absolutely encourage that user to share their knowledge. There may be other cases where one request sparks an idea for another. That's also acceptable. We're always looking for ways to improve the product and user experience. Anything that brings about positive change is welcomed and should continue to be encouraged.

Share this post


Link to post
Share on other sites

Description: Hierarchical User control within ESET Remote Administrator

 

Details: Creating users with different read\write permissions exists at a global level, but I'd like to see adding specific users to specific groups to limit the scope of systems they can see within the ERA Console. This would then dove-tail into what data they can see from the web dashboard by limiting the information to the groups that particular user has permissions to access. Likewise, adding some contact information for these users to create an internal address book would be useful as well.

 

Thanks!

Share this post


Link to post
Share on other sites

Description: Automatic update server selection depending on Zones
Detail: When I'm at my company I want to use internal update server (Profile #1, e.g. 10.170.0.21) to minimalize internet traffic. After work I bring my laptop home but internal update server won't work because the update server is not reachable. In this case would be great the automatic update server selection.

If EES notices I'm not on 10.170.0.0/24 network anymore (or it notices I've left Zone #1 - 10.170.0.0/24), it switches to Profile #2, with SelectedServer="AUTOSELECT" and predefined username and password.

Now I can create multiple update profiles but I have to switch manually when I arrive home.

Share this post


Link to post
Share on other sites

Description: Automatic update server selection depending on Zones

Detail: When I'm at my company I want to use internal update server (Profile #1, e.g. 10.170.0.21) to minimalize internet traffic. After work I bring my laptop home but internal update server won't work because the update server is not reachable. In this case would be great the automatic update server selection.

If EES notices I'm not on 10.170.0.0/24 network anymore (or it notices I've left Zone #1 - 10.170.0.0/24), it switches to Profile #2, with SelectedServer="AUTOSELECT" and predefined username and password.

Now I can create multiple update profiles but I have to switch manually when I arrive home.

 

Already possible via dual update profiles: hxxp://kb.eset.com/esetkb/index?page=content&id=SOLN3621.

Share this post


Link to post
Share on other sites

How about providing a single license purchase option? I would like to switch to Endpoint product from Smart Security since the HIPS has options I need. I don't want to buy 5 licenses though to do so.

Share this post


Link to post
Share on other sites

Description: Integration of AD Support (user and computer groups) in ERAS to create simple different dynamic groups and policys
Detail: With this feature it will be easy to manage different policy for example 3 groups for WWW (allowed // some sites allowed // all denied)
  or for USB controll (all allowed // some essets allowed // all denied)
  or for reports (special group of computers -> Software analysis)
  or some exclusion group for a policy
  Also this feature will improve the managment: I can create policys with different settings and AD groups and a "smaler" admin can change only in AD the members of the Group

 

  
Description: changing filtering option in reports
Detail: ATM you can use every filter only 1 time, please change this to create better reports
  For example i want to check new softwareinstallations for today but want to use some exclusions like "Microsoft" "Oracle" "Adobe" .... this is not possible with eras
  i do this over reading in the sql conntent of the eras db but i think over ERAS will be better ;)

 

  
Description: adding reports output
Detail: ATM you can only send by mail as attachment, it will be fine to include this optional as HTML content in the mail to read quicker the details.
  for example we have a report, when a new virus is found, if i see the infos directly i can quicker react to not cleaning cases.

  

Description: better/more optional logging in the client (if you have problems)
Detail: Actual it is not possible the log all scaning processes, we have problems to find some needed exclusions for our DPM process to backup the server.
  Eset scan something and interupt this process, so it will be fine to see what eset scan to exclude this easy.

Share this post


Link to post
Share on other sites

Description: I would really like the ability install/Update Endpoints without the clients NIC disconnecting... if that is at all possible?!

 

 

Detail: This way I could roll out updates/installs to to our 75+ individually managed sites much more easily, hopefully silently in the background without the user even knowing it was happening.

 

Having to call the customers to arrange installs/upgrades out of hours is difficult or having them log off their PCs so that no programs are affected during the network disconnect is a real pain. Multiply that over 75+ individual Eset Server setups with a combined total of several thousand PCs and it becomes impossible!

Share this post


Link to post
Share on other sites

Description: Better method for detecting unmanaged clients
 

Detail: RDS is not a practical solution in environments with multiple LANs, it can't be installed on OS X, and relies on outdated/unsupported software (WinPcap).

 

A simple ping-sweep tool that works across multiple subnets and shows unmanaged clients, or better yet, a dynamic group that does the same so that an agent install task can be run when client joins the group. This would be awesome, especially for OS X where Group Policy automated install is not an option.

Share this post


Link to post
Share on other sites

Description: Mechanism to force policy refresh on client(s) from ERA console.
 

Detail: There doesn't appear to be a way (that I've found) to force a client to pull a new policy. We either have to wait for the policy refresh interval or create a new policy with a shorter refresh interval and apply it. It would be great to have a right-click option from the ERA console to force an immediate policy refresh.

Share this post


Link to post
Share on other sites

Hello j-gray,

What do you mean by "immediate policy refresh"? You mean, that when you have performed some changes in the policy, you want the agent to connect to ERA, and start using the new settings? As of now, a wake-up call is the way. We are planning some changes to how wake-up calls are performed + for the feature we are planning to move towards a push-notification service, meaning the changes would be reflected quicker.

Just a note how it works as of now: As the communication is initiated by client in ERA, agent by default connects every XX minutes, as configured in the policy. Policy will be pulled upon next sync interval. To override the sync interval, you can use the wake up call, but the machine needs to be reachable for a network broadcast.

Share this post


Link to post
Share on other sites

Hello j-gray,

What do you mean by "immediate policy refresh"? You mean, that when you have performed some changes in the policy, you want the agent to connect to ERA, and start using the new settings? As of now, a wake-up call is the way.

Exactly. Though I view wake-up call more like wake-on-lan, requiring network broadcast, which is not a good practice across multiple subnets.

 

I'm looking for a simple 'send policy' that doesn't require network broadcast. Even if it's a basic command I can run from the client (remotely).

Share this post


Link to post
Share on other sites
On 6/11/2014 at 2:45 PM, siljaline said:

Description: Setup routine under the current software build is too lengthy.

DETAIL: This applies to the new version only. 

 

Redact Helper comment

This is very true and i hope it changes.

Share this post


Link to post
Share on other sites

Description: Multi lingual clients

Detail: A single client containing all languages would be a lot easier to maintenance. Currently one have to create, test and deploy an installer for every single language, not to mention that Windows itself is multi lingual and users of different languages share some computers.

Share this post


Link to post
Share on other sites

Just a comment.  I received the following while trying to add a non-standard domain name to the sender filter,

Error: There were problems with one or more entries.
Illegal value (.loan) for New Email Address/Domain:must be a top-level domain like 'edu' or domain like 'yourdomain.com' or email address like 'you@yourdomain.com'.

Now, I can understand why I would get this, however, spammers aren't playing by the rules so why should we have to be limited in this particular area.  I should be able to block a domain name of 'courtesy.uuggss.loan' which is used on the internet for spammers.

Please change the program so I can enter just about anything in the sender filters.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...