Jump to content
Aryeh Goretsky

Future changes to ESET Endpoint programs

Recommended Posts

37 minutes ago, macphail said:

Just a comment.  I received the following while trying to add a non-standard domain name to the sender filter

Please create a new topic for this. It sounds rather like a bug than something to be improved in future versions. Also provide a screen shot of the window where you enter the email address since I have no clue what you mean by "sender filter". I was able to enter an email address with the "loan" TLD in the smtp notifications setup.

Share this post


Link to post
Share on other sites

1. Make micro updates work with eset products later than 6.5 as micro updates don’t work on version 6.6.

2. When sending a block policy to the endpoint via era you first have to clear the local cache else it will not work Which is strange and very cumbersome when adding a block rule to 100 endpoints. The other way around is just the same when removing the block in the era it is not removed from the endpoint.

Share this post


Link to post
Share on other sites
3 hours ago, Glitch said:

1. Make micro updates work with eset products later than 6.5 as micro updates don’t work on version 6.6.

2. When sending a block policy to the endpoint via era you first have to clear the local cache else it will not work Which is strange and very cumbersome when adding a block rule to 100 endpoints. The other way around is just the same when removing the block in the era it is not removed from the endpoint.

1, What purpose do you use micro updates for? Do you use them on ships with an expensive satellite connection?

2, What block policy do you mean? Also what do you mean by "clearing local cache"? Do you want to block particular urls via the url management or Web control?

 

Share this post


Link to post
Share on other sites

Indeed via satellite 10usd per MB.

I Mean the webcontrol to block for example YouTube. We have tried this in our office and we found out that we have to clear the cache of chrome (or any webbrowser) before the block is actually working if you don’t clear the cache of your browser you can still visit YouTube. When you want to remove the block you have to do the same again but now in the ESET client itself as the block even when removed from the era policy will stay in place. Maybe this is more as a bug this part although our local ESET distributor told us this is how it works.

Share this post


Link to post
Share on other sites

Hi,

 

Not sure if this is the right topic for this, but why does the consumer version (Smart Security) have options for anti theft, while the business products don't offer this feature? In most cases the data on business laptops are way more valuable for users than data on consumer laptops. It would be great if Endpoint Security could have Anti Theft which could be managed by ESMC and also is accessible for the laptop owner through https://anti-theft.eset.com

Share this post


Link to post
Share on other sites

@Markwd Hello, there are two reasons. Anti-theft in consumer is focused on device retrieval, not on the data security (no possibility to wipe the disk on the device). Also, the implementation capable of tracking screenshots / photos of the users, might violate a lot of corporate laws / regulations. If Anti-theft is introduced into the business versions, it will have to behave differently. If I can ask you a question, what kind of a problem you would like to solve with it? Would it be intended for device recovery, or more a data removal / prevention of misuse ?

Share this post


Link to post
Share on other sites

@MichalJ For business proposal I would say data removal and data loss prevention would be the main reason. A possibilty to report the laptop as stolen (through a task in ESMC) so the person who then has the laptop, cannot use it and will be notified how to contact the owner of the laptop.

Tracking down the laptop or making screenshots and/or photo's by webcam would not be priority (and I can imagine this is violating at least the GDPR rules).

Share this post


Link to post
Share on other sites

Can we please have the same email account settings in client policies as are available in Server Settings in ERA/ESMC.

Currently we can't use Office 365, Hotmail (etc), gmail accounts for notifications from endpoints. I've tried with yahoo which only works some of the time. I'm sure there are other online smtp relay servers and accounts that may work, but the most common for most small businesses would be Office 365 and to a lesser extent Google.

I know I can create notifications in ERA/ESMC, but of course these are delayed based on the how long the agent connect interval is set to.

Share this post


Link to post
Share on other sites

Description:   For the Mac version of ESET, the "alert" settings should be global settings and not per-user settings.

 

Details:  We are one of the orgs moving from SCEP to ESET for now and *not* using the ERA (as we would prefer not to have to spin up yet-another-server for this.)    Apparently all the Preferences --> User --> Alerts and Notification settings are stored within a ~/.esets/gui.cfg file.   This is a problem -- especially for the "Protection Statuses" Alerts.    We need to be able to turn those off globally -- especially for computer labs where local student accounts are wiped from computers soon after they log out.   We (as computer administrators) should be able to set these globally for all users without having to massage a file into each user account every time somebody new logs into the computer.

It's nice to see that ESETs has more notifications than SCEP, but end users in a computer lab do not need to get an alert that "operating system is not up to date" (for example) when we control OS patch releases.

Edited by stevemaser

Share this post


Link to post
Share on other sites

@stevemaser have a look at the solution from this page:  https://soundmacguy.wordpress.com/2018/12/04/hello-eset-endpoint-antivirus-deployment-management-and-migrating-from-scep/

I'm in the same situation as you are.  It would be great if this were simpler.  I hate running scripts that monitor for new users to inject stuff like this.  But this is the best solution I've found at the moment, and it's working well for me to configure it for existing and new users.  Outside of an issue with Mojave's PPC asking for full disk access with the v6.7.500, but that's a separate issue. 

I'm more than a little surprised though, that the default config would be to have a dock icon for the client that could be easily closed by a simple click.  

Share this post


Link to post
Share on other sites

Description: Web control policy - Blocked webpage message: customization append/prepend/replace

Detail: The Policy's "Blocked webpage message" setting allows either:

  • blank, which causes the "Blocked" page to the default string telling why the page was blocked (Category or URL), or
  • a custom string, which replaces that default string.

But setting a custom string prevents the display of the reason for the block, guiding the user toward faster resolution in case of a/an (effectively; for the organization) false-positive.

It would be nice if the policy allowed for the custom string to either:

  • append or prepend to the default message, or
  • replace the default message, and include the reason for the block (e.g. a variable we can include).

Share this post


Link to post
Share on other sites

Description: Web control policy - Blocked webpage graphic - customizable dimensions

Detail: The Web control page says, and tests confirm that, a custom graphic is scaled to 90px x 30px.

That's really small, and prevents usage of a lot of graphics, especially ones containing circles.

Can we have option(s) for:

  • square/rectangle or,
  • scaling percentage, or
  • custom values
Edited by Sam Fonteno

Share this post


Link to post
Share on other sites

Description: Policy settings reverse-lookup

Detail: The ability in SMC/Endpoint Security to see which policy is responsible for which setting in effect on the computer.
Basically something like a GPRESULT report available for diagnosing Active Directory Group Policy Objects's effects.
A very simple example of that is shown here: https://4sysops.com/wp-content/uploads/2012/02/gpresult.exe-HTML-output.png

Share this post


Link to post
Share on other sites

@Sam Fonteno Thank you for reporting.  This is already in our backlog. However the task itself is quite expensive, due to the current logic of how policies are merged and how the resulting configuration is applied. However, we are aiming to get it resolved eventually, however I can´t as of comment on a time-frame for it. 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×