Jump to content

Future changes to ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator)


Recommended Posts

  • Administrators

Hello,

The goal of this message thread is to provide ESET with specific feedback on changes and new features you would like to see in future versions of ESET PROTECT (formerly ESET Security Management Center / ESET Remote Administrator). Please use the following format when providing feedback:

 

 

Description: A very specific one line description of your feedback.

Detail: A more detailed explanation of your feedback. Please feel free to make this any length, but be sure to use terms everyone can understand. If your suggestion is an extension or update to an existing discussion, please include a link to it in your message.

Here is an example:

 

Description: OS/390 support

Detail: We use an IBM System/390 at work to run line of business apps and heat our office during the winter. I think ESET should make a version of ESET File Security for OS/390.

You are welcome to discuss the merits of each and every suggestion, but keep your comments on topic, concise and thoughtful. There are other parts of the forum to discuss issues.

NOTE: When making your requests do not make general statements such as "better gui". If you have a specific feature or functionality you would like to see added (or improved) please post it here, but general requests to "make things better" are not helpful because they do not give ESET detailed enough information. Thank you for your understanding.

Regards,

Marcos

Link to comment
Share on other sites

  • Marcos pinned this topic

Nice thread, I have tens of comments to ERA server / functions. ERA is not user friendly in most cases.... 

I will post something. 

 

Description: Dynamic groups rules / tasks

Detail: I would like to be able to show all rules/tasks linked to dynamic groups. Or to be able to find where rules are linked. I would love to disable group/rules instead of only delete or edit them to dysfunction it. It is nearly imposible to read ties.

 

Description: task history deletion / filter and so on

Detail: I would like to be able to delete (mass delete) task history. I have tens of ASAP task and they are only messing in my log. 
I would like to be able to see which computers were affected by the single task when pointing to a TARGETS column. Why I have to edit history of the task to see which computer was affected? I would like to click on 1 computer(s) to open the list or show the list. 

 

Description: trigers

Detail: ASAP. Sometimes ASAP fails and I have no idea why.... Computer was online. I think rule should wait for online status or give me better feedback 

 

Description: Failed / Trace message

Detail: When I point on the FAILED status I would like to receive more information what happens without opening the HISTORY of the COMPUTER. BTW FAILED ICON should allow me to open history....   Trace message is sometimes to long and I am unable to read whole message. 

image.thumb.png.8e5d1344af6ebca0e6701b9e766c7f66.png

 

Description: Repository

Detail: Choosing ESET version from a repository is not user-friendly. I have to be very careful to chose the right version. 

 

Description: Reports

Detail: Why I cannot export report Computer name    Identifier type    Identifier value    Adapter IPv4 address Computer nameDevice manufacturerDevice modelOS nameOS versionAdapter IPv4 addressRemoteHost and so on ? When I chose some identifier other identifiers are disabled. Why? 
I would like to be able to find report using some SEARCH function.

 

Description: ELA

Detail: Why I am unable to fully maintain a license that customers gave me under my administration? I am unable to remove computers which are not activated under ERA. I have to open ELA portal using my customer's credentials. Why I can not edit ELA credentials on my ERA server? 

 

Description: Upgrade

Detail: When I am upgrading EEA using ERA I have to activate them afterward. Why? Product was already activated. 

 

Description: Variables in tasks / templates

Detail: I would like to have variables in task / dynamic groups. For example I have 4 activation tasks (4licenses). I would like to activate product which is not activated when joining dynamic group based on FOLDER group.
When computer from AAA company join the NOT ACTIVATED group, the AAA-ACTIVATE task will be used. 
When computer from BBB company join the NOT ACTIVATED group, the BBB-ACTIVATE task will be used.

 

Description: Applied policies tree

Detail: I would love to see the tree of policies which are applied on a computer and would like to be able to identify which policy rule won the policy over-ride battle. I am not satisfied with list of policies. 

 

Description: Threats infection and cleaning

Detail: I am not unable to simply perform an action on threats whir where not automatically solved by EEA. For example, I would like to choose threats and click on "DELETE" or "CLEAN" or other things. I am able to mark them only as RESOLVED :( 

 

Description: Sorting / filtering

Detail: I can filter columns by STATUs or LAST CONNECTED, but I am unable to do multi filter. For example I would like to sort all computer by WORST FUNCTIONALITY and LAST CONNECTED, because working with offline computer does not make sense. 

 

And so on.....

Link to comment
Share on other sites

  • ESET Staff

@Jaroslav Mixa Thank you for your constructive feedback. I would like to assure you, that your feedback is being heard. Below, you can find couple of notes, related to some products. 

  • @Dynamic groups rules / tasks - In the new version of ESET Remote Administrator, we will have a dedicated “group details” page, where you will see all tasks / policies set to a dynamic group and also a dynamic group template.  
  • @Task history deletion / filter and so on - I do not understand this use-case, what it is about. What do you mean “task history” ?
  • @Repository - Do you have any envisioned behavior? In the upcoming version, we will allow updates by “one click” directly from the dashboard element, so doing client tasks are not relevant.
  • @Reports – there are limitation in how reports could be assembled, which are related to internal database structures, and how various tables are combined. It´s not possible to combine all of the tables together. However, there are improvements planned for the upcoming version of ESET Remote Administrator.
  • @ELA – we will be releasing a new solution, called ESET Business Account & new version of ESET MSP Administrator (also intended for ESET resellers managing multiple customers) which will have a proper user management, and will allow full control of the product.
  • @Upgrade – is this related to upgrades from V5 to V6, or V6.x to V6.x+1?  If the first case, was the V5 having username &password set in its configuration? If it was the second case, have you contacted ESET Support, as this should not happen (and never happened in my test environment, license was always kept).
  • @Variables in tasks / templates – this can be achieved by a group hierarchy. Basically have a static group per company, and then dynamic groups placed under specific static group. For the future (most probably next year) we are working on improved automation framework + further improvements for MSPs / resellers managing multiple companies, that should simplify their management / license operation.
  • @Applied policies tree – this is a long term task, that we are working on, however it´s a complicated task to achieve. But we are aware, that finding why a specific setting is applied, when multiple policies are used.
  • @Threats infection and cleaning – we will introduce multiple changes in the upcoming release of ESET Remote Administrator, for both automated resolving, and manual resolving (actions).  
  • @Sorting / filtering – This will be possible. For the future release, we are preparing multiple changes with regards of filtering / sorting in the webconsole.

I would like to also offer you an opportunity to participate in a dedicated customer research session, where you can discuss your feedback concerning our products directly with representatives of ESET Product Management and UX teams, that can help you address them, and also inform you about planned changes in ESET Products. If you are interested, please send me a private message, we can discuss this further. 

Link to comment
Share on other sites

Description: Schedule database backup to network/email
Detail: Most UTM appliances offer feature of scheduling configuration backup to certain email or network path. I have not found this option yet in ERA VA 6.5?

Description: Schedule policy apply time
Detail: Give possibility to schedule policy. I want my employees who use notebooks to have one policy while working hours and one policy during lunch or during non working hours.

Description: Generate report for configured policy
Detail: My managers sometimes want report on how policy is configure for certain departments, employees.

Description: Policy in XML format
Detail: editing policy via XML can be done via custom built tool if you provide schema. I don't have to spend too much time in web interface. Policy can be designed by security consultant in tool and then he can send me XML for me to import to ERA.

Description: Application/Process usage report
Detail: Dashboard that would report apps/processes running on users PC and show additional data like network connections, CPU, RAM usage...something like "light" Sysinspector.

Description: Apache HTTP Proxy vs Mirror
Detail: Please give some tabular feedback/log in ERA interface what clients have downloaded and when what updates. Searching apache log in virtual machine is time consuming.

Description: ESET Authentication server
Detail: I'm using EAS in v5 to authenticate with zone. I've asked before for this feature to be ported to virtual appliance but no response was given. I have need for client firewall to know is it really on my network or somewhere else. Having trusted source that confirms to client firewall "yes you are on corporate network" is big thing for us.
Maybe you have solved this in other way that I'm not aware yet?

Description: FQDN rules in firewall
Detail: We are using many CDN content from online services, like O365, Google Drive etc. Basically, we have clients that leave network and we want them to be able to access only certain services when they are off corporate network. Some services provide IP address for firewall, some FQDN. Do you have any plan to implement FQDN rules?

Link to comment
Share on other sites

Hi Team,

 

Description: Example REST API usage with Perl / Python

Detail: An example document on how to use the API with Perl would be helpful you have one using C however I would just like to create a few script based calls to it using Perl for use with Nagios and other systems I have to integrate further with our other tools.

 

Description: Failure Details inside Web Interface,

Detail: Most of the time when a task fails it provides hardly any details why I need to follow the rabbit hole to the trace log,

 

Description: Slackware Linux Support /+ Native x64 support without 32 bit libs

Detail: I run 100s of Slackware Servers and have gone away from multilib etc, Also activate product from Remote Administrator rather than having to download an offline license for them

 

Description: Use Latest option for software install

Detail: Software install of ESET use latest option would be helpful eg tick a box and policy would always use the latest version available of eg Endpoint Antivirus when running the task

 

Description: From Dashboard take filters and generate a Dynamic Group / Action

Detail:  I forever have out of date machine on the dashboard and have to copy the filters down and go an create a dynamic group from them to trigger an upgrade can a button be incorporated ( where you have generate CSV /PDF etc ) to say generate dynamic group please

 

Thanks
Tim

 

 

Link to comment
Share on other sites

  • ESET Staff

@Tim Jones & @bbahes thank you both for your feedback, much appreciated. We will process your feedback internally, and create corresponding improvements in our feature backlog. I would like to also promote one more time, the option to participate in ESET Customer Research, where members of Product Management and User Experience staff can discuss with you your feedback about ESET products, your likes, dislikes, and ability to understand your broader security context. It gives you the ability to directly influence the future development of ESET Security solutions. We are already working with bbahes to make arrangements for the call.

If anyone here is willing to participate on a 2-hour call, concerning the feedback on ESET products, please send me an private message here on forum. Call can be conducted in either English, or Slovak languages.

Link to comment
Share on other sites

Description: md5 support

Detail: ERA should allow You to make a blacklist identied by md5 hash. In our company, sometimes we get information from external sources about files in md5 hashes, but we aren't able to block that kind of files.

Link to comment
Share on other sites

  • Administrators
8 minutes ago, Pinni3 said:

Description: md5 support

Detail: ERA should allow You to make a blacklist identied by md5 hash. In our company, sometimes we get information from external sources about files in md5 hashes, but we aren't able to block that kind of files.

This is unfortunately not possible and it's not safe either. Calculating all possible hashes for files would have a big impact on performance. Even calculating SHA1 is performed asynchronously to avoid bigger impact on performance.

Link to comment
Share on other sites

  • ESET Staff

@Pinni3 Similar functionality, to block files by hash will be added in ESET Enterprise Inspector. We have a backlog item, to have a "per hash" blacklist in our products, however as of now, it is not yet implemented. It might happen, that our Endpoints will support it in future (7.1+) versions., as it is not in scope of the 7.0. 

Link to comment
Share on other sites

2 hours ago, MichalJ said:

@Pinni3 Similar functionality, to block files by hash will be added in ESET Enterprise Inspector. We have a backlog item, to have a "per hash" blacklist in our products, however as of now, it is not yet implemented. It might happen, that our Endpoints will support it in future (7.1+) versions., as it is not in scope of the 7.0. 

Do you have in plan to put ESET Enterprise Inspector on Linux VM?

Link to comment
Share on other sites

Hello and thank you for the opportunity to provide feedback.

 

Description: Add Groups filter to Dynamic Group Template - Expression

 
 
 

Detail: It would be nice to be able to include/exclude specific groups from an expression like you can a "Computer". I have a Static Group "Remove Services" which has cascading dynamic groups to uninstall certain software and then remove the ERA agent when a client leaves our service or a machine is replaced. Another Dynamic Group is setup to install and update one of those same software packages on all Windows devices. It creates a loop of uninstalling and reinstalling the software.

Link to comment
Share on other sites

  • ESET Staff

@TechMedx That is not possible, as static group membership is evaluated on server, but dynamic group is evaluated by agent. Or you mean more advanced logic, that when a computer is a member of one DG it would not be a member of another? 

Edited by MichalJ
Link to comment
Share on other sites

@MichalJ Thanks, I guess I will stick with my current solution; High level Static Groups for "On Services" and "Remove Services" and DGs only under those high level groups. Seems to be working for me, just need to drill down through more groups.

Link to comment
Share on other sites

Description: Cancel scheduled task
Detail: Currently once a task has been scheduled you can do nothing to stop it, please add the ability to be able to cancel a scheduled task.

============================================

Description: Dynamic Group without agent
Detail: I should be able to create a Dynamic group without the need of an agent installed on the clients computer, this is extremely useful for example when i want to  create a server task to install agent on all agent less computers, also once a computer was already connected through an agent ERA anyway has all info from the computers so why do we have to wait until all computers actually connect again that the dynamic group should update? so many times i want to run a task on all computers that are named a specific way, so i create a dynamic rule then i have to wait i don't know how long until all computers connect to era so my dynamic group updates and only then i'm able to run my task.

============================================

Description: Exclude computers located in AD group from dynamic group.
Detail: The ability to filter out in dynamic group computer that are located in a AD group group, for example i currently have a dynamic group nested under "All" that filters computers that are named a specific way and are specific OS, i want to exclude computers that even if they are named and have the correct OS they still be excluded because they are located in a specific AD group.

 

Thanks

Edited by fchelp
Link to comment
Share on other sites

On 04/01/2018 at 10:09 PM, MichalJ said:
  • @Reports – there are limitation in how reports could be assembled, which are related to internal database structures, and how various tables are combined. It´s not possible to combine all of the tables together. However, there are improvements planned for the upcoming version of ESET Remote Administrator.

This is a problem of DB design and it should be solved. It is also not possible to combine reports like in V5.

@ Failed / Trace message  - some trace messages like "Task failed in the security product" are not telling us why this task failed. You should take more closer look on this.

I will add also something:

Description: LOG deletion uppon Computer deletion

Detail: When I delete computer from ERA console, all coresponding logs in "Threats" are deleted too. This is a "no way" for security product.

Link to comment
Share on other sites

  • Administrators
18 hours ago, fchelp said:
Description: Dynamic Group without agent

I should be able to create a Dynamic group without the need of an agent installed on the clients computer.

This is not possible since dynamic groups are evaluated by agent. Membership in dynamic groups must be independent from connection to ERA Server. For instance, if a user is traveling with a notebook and has no connection to ERAS and a threat has been detected, the appropriate policy or action will be taken automatically when the machine falls into the appropriate dynamic group. If dynamic groups were evaluated on the server, this would not be possible and agent would be fully dependent on connectivity to ERAS.

Link to comment
Share on other sites

16 minutes ago, Marcos said:

This is not possible since dynamic groups are evaluated by agent. Membership in dynamic groups must be independent from connection to ERA Server. For instance, if a user is traveling with a notebook and has no connection to ERAS and a threat has been detected, the appropriate policy or action will be taken automatically when the machine falls into the appropriate dynamic group. If dynamic groups were evaluated on the server, this would not be possible and agent would be fully dependent on connectivity to ERAS.

Then maybe add a third type of group, we should be able to create groups by filtering the data ERA already has, maybe this could be with limitations, like these groups shouldn't be able to get policy's etc.

Another feature that bothered me that we couldn't do.
Description: import computers from reports to task.
Detail: The ability to import list of computers to run a task on them, for example i ran a server task to install ERA on a list of computers, and it failed on some of them, i want to be able to run a server or client task on all of those failed computers (this feature could maybe solve the need to create a third type of group that gets evaluated by the data that ERA already has, as we would be able to create a report with the data we want and then run whatever tasks we want on those computers).

Thanks!

Link to comment
Share on other sites

  • ESET Staff

@fchelp For the version 7.1 we are planning improvement related to asset tagging (assigning tags to computers based on meeting criteria) and then using those for filtering / automation. Also, in the upcoming version of 7.0, it will be possible to to save "filter sets", with kept values, that will allow to quickly filter relevant web console sections, with those.  I do understand the use-case, and you can be assured, it´s in our plans. 

Also, you can drill-down from the report results, choose the computers into the "computers pane" and then do an action / task. Isn´t this sufficient? 

The same is valid for the "import computers from reports to task" (7.1). 

Edited by MichalJ
Link to comment
Share on other sites

  • ESET Staff
19 hours ago, fchelp said:

Description: Cancel scheduled task
Detail: Currently once a task has been scheduled you can do nothing to stop it, please add the ability to be able to cancel a scheduled task.

What do you mean by this? You mean, to stop task which is already running? As you can easily remove "trigger", or targets for a trigger. Thank you.

Concerning the other two topics, for the "static group exclusion" in DG, it´s a problem, as I have stated before. Agent does not know, to which static group it belongs, as this information currently resides only on the server. We are however tracking improvement for that one. 

Concerning the "DG without agent", there are more options - filters in sections, but primarily planned asset tagging feature for 7.1. 

Link to comment
Share on other sites

2 hours ago, MichalJ said:

What do you mean by this? You mean, to stop task which is already running? As you can easily remove "trigger", or targets for a trigger. Thank you.

Could you please point me to the right directions? because as far i'm concerned there is no place you configure triggers except when choosing targets, and there is no option to remove planned executions.

2 hours ago, MichalJ said:

Concerning the "DG without agent", there are more options - filters in sections,....

Could you please elaborate?

 

Thanks

Link to comment
Share on other sites

  • ESET Staff

@fchelp

You can open the individual task entry in Admin / Client tasks, by the little "+" expand button, and then toggle a context menu for individual entry. You can remove individual triggers, or eventually even edit targets. Screenshot attached.

In the next version (7.0) we will be adding possibility to save a filter set, for a various conditions (un-managed computers, computers without security product installed, computers with a specific security product version ...). You will then get the filtered view on top of all computers by few clicks. However, you won´t be able to automate like you do for Dynamic Groups. However, for the future, we are working on more in-depth server side automation, where defined conditions will result in "tagging" a computer, and automation framework will check "assigned tags" and trigger actions based on them. This won´t be done to 7.0, as the feature is a bit complex, but it´s being worked on. Filter sets are below, on the screenshot.

filter sets.png

edit trigger.png

Link to comment
Share on other sites

Description: Select multiple
Detail: The ability to select one computer, hold down shift and select another computer, all computers in between should become selected.

Link to comment
Share on other sites

 

21 hours ago, MichalJ said:

edit trigger.png

Description: Reuse old triggers
Detail: Since you pointed out that the triggers are editable, i think that when we select a computer and run a task on it (from the actions menu), it should ask us if we want to use an existing trigger, or if we want to create a new one, or maybe even more, when executing a task from the actions menu, it always runs with a "Execute ASAP" trigger, so why can't it just reuse always the same trigger instead of creating new triggers for every time, the reason i'm asking it, as i keep on running tasks and my list of triggers is growing, and here comes my second recommendation.

2018-01-16_105643.png.b82a28f7d3916e3ff0f603f1d67ae1eb.png

Description: Delete multiple triggers
Detail: The ability to delete multiple triggers at once (maybe by adding check boxes next to the triggers).

 

Thanks

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...