Jump to content

Future changes to ESET Endpoint programs


Aryeh Goretsky
 Share

Recommended Posts

Include BadUSB Prevention like G Data's USB Keyboard Guard. That would be cool. It scans all connected devices and after that, every other/new connected usb device will need to be allowed manually. user interaction or by eset protect backend.

Link to comment
Share on other sites

On 10/18/2020 at 2:57 PM, Benjamin82 said:

Is Application Control/Whitelisting still on the product roadmap?  It's becoming commonplace in most endpoint products.  Currently I typically use the now deprecated (but still working) Software Restriction Policies built into Windows, in conjunction with ESET.  Kaspersky in particular has made their whitelisting very configurable in their Endpoint Security for Windows product (https://support.kaspersky.com/KESWin/11/en-US/165718.htm), and can handle whitelisting based on hash, file path, certificate, etc. (similar to SRP and Applocker).  There are some dedicated third party solutions for handling application whitelisting as well, such as Airlock Digital (https://www.airlockdigital.com/), and even ManageEngine recently launched a new offering (https://www.manageengine.com/application-control/?pos=Allprod&cat=ITS&loc=links&prev=AB2).  But it would be very handy to have this sort of control available in ESET Endpoint products.

What i'm doing atm is: HIPS Rules which are denying any execution from explorer.exe and then an additional rule which allows explorer.exe to start mspaint.exe, winword.exe, and so on. (not 100% bulletproof, but a good way to restrict the normal user) - you can use this for any kind of applications and executions. restrict starting executables out of an winrar archive, - maybe this helps you.

Link to comment
Share on other sites

Description: Add preconfigured rules for HIPS / Exploit Blocker

Detail:  Eset does not have alternatives to the full set of rules from Microsoft Defenter Attack Surface Reduction (hxxps://docs.microsoft.com/de-de/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction) but has a KB for adding HIPS Rules for some exploits (KB6119).

Request: My suggestion is to take the rules form KB6119, add the missing features from Attack Surface Reduction and add them as preconfigured options to HIPS or Exploit Guard.

Link to comment
Share on other sites

Description: use of Webcontrol depending on location

 

Detail: we dont wnat that the users access specific sites if they are in the office (like shopping, gaming,...)
but we don't care if they do it in their leisure time at home. Therefore a networkbased policy would be great!

Link to comment
Share on other sites

  • Administrators
1 hour ago, me myself and i said:

Description: use of Webcontrol depending on location

You can accomplish this leveraging time slots:

image.png

image.png

image.png

image.png

Link to comment
Share on other sites

  • 4 months later...
  • Most Valued Members
Posted (edited)

Description : MATE Desktop support for Linux Endpoint GUI

Detail : MATE is being used by several distributions including Ubuntu , if it's possible to have support for that Desktop for the GUI.

 

Thanks.

Edited by Nightowl
Link to comment
Share on other sites

  • 1 month later...

Description: make modules updates on Linux possible using a local directory

 

Detail: when using ESET products in an offline environment I am able to update the antivirus modules from a local drive or directory on Windows machines, but I can't seem to find the way to do that on Linux machines. The only way I managed to do it is to use a http server on the machine and then use hxxp://localhost/<path>/<to>/<repo> as the update server, but I would prefer to use a simple path without having to setup a http server on each machine. 

Link to comment
Share on other sites

  • Administrators
9 minutes ago, MatthiasU said:

Description: make modules updates on Linux possible using a local directory

It should work. In case of problems, please open a support ticket with your local ESET distributor.

Link to comment
Share on other sites

19 minutes ago, Marcos said:

It should work. In case of problems, please open a support ticket with your local ESET distributor.

How do you configure it then ? I can't find the field in the UI (using either CentOS 8 or openSUSE 15) and using the CLI there's a --server option but nothing related to local directory..

Hope I don't interfere with the topic asking that here.. Thanks in advance for your response.

Link to comment
Share on other sites

  • 1 month later...

Can we please have an option in "Web and Email / Web Control" to create rules to block websites based on keyword.

For example, for an unproductive student, we don't want to block youtube completely as this is sometimes required for their school work, but we do want to block youtube videos on for example Minecraft. 

Now admittedly we are assuming every youtube page with a Minecraft video will have the word 'minecraft' on that page, but most probable will, so at least this rule would block most of these videos.

This is just one example of many that we could come up with to block content that is not currently covered under the set categories, and where blocking based on url is not practical.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...