Jump to content
Marcos

Future changes to ESET Security Management Center / ESET Remote Administrator

Recommended Posts

Description: change behaviour of adding new file/folder exclusions #1
Detail: I need to exclude all *.mdb files in c:\test and all subfolders
Currently I can exclude *.mdb files only in the top folder (c:\test) but not in the subfolders

Description: change behaviour of adding new file/folder exclusions #2
Detail: I would like to exclude all *.vhdx files, but without specifying folder/drive (ESMC says when setting this in policy: "Invalid path")
If I type "\*.vhdx" into the field, I can save it, but if I scan a test file manually, the log file still shows: "Number of scanned objects: 1", so the exclusion doesn't work.


Description: change behaviour of adding new file/folder exclusions #3
Detail: if I import a txt file which contains correect and incorrect folder exclusion, ESMC says: "Not all input data have been imported".
And it imports the list partially, but doesn't show the not importable item(s). It would be nice, if ESMC show a message with the incorrect, not importable items.


 

Share this post


Link to post
Share on other sites

Description: change behaviour of adding new file/folder exclusions #4
Detail: in ESMC policy, adding folder exclusions
c:\test\*    works
c:\test*\*   doesn't work, "invalid path"

Share this post


Link to post
Share on other sites

Description: ability to add process path containing environment variable:
Detail: in ESMC policy, add process exclusion
%systemroot%\System32\Vmms.exe   doesn't accept, "Invalid value"
c:\windows\System32\Vmms.exe    this works

+1: same value can be added multiple times

Edited by ludolf
+1

Share this post


Link to post
Share on other sites

Description: ability to export folder exclusions from ESMC policy
Detail: to migrate exclusions from one policy to another

Share this post


Link to post
Share on other sites
Just now, ludolf said:

Description: ability to add process path containing environment variable:
Detail: in ESMC policy, add process exclusion
%systemroot%\System32\Vmms.exe   doesn't accept, "Invalid value"
c:\windows\System32\Vmms.exe    this works

I was able to add this path to Firewall rule. Where are you adding this rules?

Share this post


Link to post
Share on other sites

here: ESMC, select policy (product: Eset File Security for Windows Server), 

Detection Engine, Processes Exclusions, Processes to be excluded from scanning

 

Share this post


Link to post
Share on other sites

@ludolf I have reported those requirements to the EP development team, as they are EP related. ESMC just visualizes policy controls, made for Endpoint. But it´s OK, that you have reported it here, as ESMC s the primary interface for controlling Endpoints.

Share this post


Link to post
Share on other sites

Description: reconsider MariaDB support

Detail: RHEL8 is coming. ESMC should try to support MariaDB, and not lock itself to some old mysql 5.6 version. it is hard to install old mysql.

Share this post


Link to post
Share on other sites

@tbsky We are not planning to add mariaDB support. Due to our journey to the cloud and also multi-platform compatibility, we will most likely work on the support of MySQL 8 for next major release of ESMC 

Share this post


Link to post
Share on other sites
19 hours ago, MichalJ said:

@tbsky We are not planning to add mariaDB support. Due to our journey to the cloud and also multi-platform compatibility, we will most likely work on the support of MySQL 8 for next major release of ESMC 

Hi:

   I think mariaDB is multi-platform compatibility also. few people like Oracle/MySQL, but it is better than nothing. at least we can install ESMC at linux :)

Share this post


Link to post
Share on other sites

Description: Checkbox 'Automaticlly Reboot when needed' default set to disabled. / off.

Detail: Currently we are executing tasks with no need for a reboot and sometimes we do. But since we also execute tasks on our servers, leaving the default setting 'checked' being quite dangerous. 

See attatchment. This is the checkbox we would like to be disabled on default. 

 

chrome_2019-02-08_14-25-32.png

Share this post


Link to post
Share on other sites

Description: Create dynamic groups for the following problem: "macOS is preventing ESET Security Product from accessing some folders."


Detail: I would like to create a dynamic group for computers with the following problem, but I can't select this problem at the new template creation, even though it's a reported problem, it's not in the list: "macOS is preventing ESET Security Product from accessing some folders."

Edited by SysEPr

Share this post


Link to post
Share on other sites

@SysEPr Thank you for pointing this out. I have created a development task for both adding this one specific problem, but also having those problems in an update-able fashion, meaning we would be able to dynamically update those capabilities when a new client with a new error is being released. 

Share this post


Link to post
Share on other sites

Description: Policy settings reverse-lookup

Detail: The ability in SMC/Endpoint Security to see which policy is responsible for which setting in effect on the computer.
Basically something like a GPRESULT report available for diagnosing Active Directory Group Policy Objects.
A very simple example of that is shown here: https://4sysops.com/wp-content/uploads/2012/02/gpresult.exe-HTML-output.png

Share this post


Link to post
Share on other sites

Description: Run task with limited permission set


Detail: Our admins have limited permission sets on ESMC, meaning they don't have "write" access for the "Software install" and "Run command" client tasks, only read and use. We have software installation tasks pre created, that install the ESET Endpoint security. If they select clients, they can run these tasks on these clients (via the "Run task..." command), but when they try to use it from the "Last used tasks" context menu, it's grayed out, or when they try to rerun a task also from the context menu on the device details page under task executions, they get a "Failed to run task: no access" message. It doesn't make sense, because they can just select "Run task...", and run it that way on the clients, and it runs perfectly, however, it's way more steps that could be jut one click. The same permission set on ERA used to give the same error message on the device details page, but it used to work perfectly from the context menu under the last used tasks, which made sense, and was less annoying. On ESMC I think the expected way it should work is that both should work (they should be able to create triggers, since that's what those features do), they just shouldn't be able to create an actual new task "Software install" task. 

Share this post


Link to post
Share on other sites

Description: Dynamic groups building on other dynamic groups


Detail: We would like to create dynamic groups where they can't be part of that group until they are part of another group. Let's say they have an outdated agent, and until that is not resolved (a.k.a they are part of that dynamic group), they can't be part of a different dynamic group that says that they have to be not part of that other one.

Share this post


Link to post
Share on other sites
7 hours ago, SysEPr said:

Detail: We would like to create dynamic groups where they can't be part of that group until they are part of another group. Let's say they have an outdated agent, and until that is not resolved (a.k.a they are part of that dynamic group), they can't be part of a different dynamic group that says that they have to be not part of that other one.

You can create  nested dynamic groups, ie. dynamic groups under another dynamic group.
 

Share this post


Link to post
Share on other sites
4 hours ago, Marcos said:

You can create  nested dynamic groups, ie. dynamic groups under another dynamic group.
 

But that means its part of the it if it's part of the one above, but how do you achieve a NOT scenario?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×