Jump to content
Marcos

Future changes to ESET Security Management Center / ESET Remote Administrator

Recommended Posts

Hello @dmartos - Lloged in user is available in the computer details. We are also tracking an improvement to populate / show the entry in the computers table. 

Share this post


Link to post
Share on other sites

Description: iOS policy to disable iMessage

Detail: We need the ability to disable iMessage on iOS devices via ESMC/MDM in order to effectively use 3rd party backup tools. The tools can backup SMS, but not iMessage. 

Share this post


Link to post
Share on other sites
Posted (edited)

Hello,

It will be useful to get  ip addresses in Lost & found too (computers without the agent installed).

Or something to show if a computer is active/online so i can push the agent to this computer only and not in all the category.

image.png

image.png

Thanks,

Peter

 

 

Edited by pps
edit

Share this post


Link to post
Share on other sites

Hello @pps You get IP addresses only from computers that have agents deployed, as it’s the agent who is responsible. What you can do, is to install rogue detection sensor, which could help you to add machines which are alive.

Also, to double-check, can you please provide details about how you added that machines in Lost And Found group? 

Share this post


Link to post
Share on other sites

Hey Guys, long time didnt been here, but I have couple of things that I think should be considered in future releases.

1. Add static group as a filter into building dynamic group. I have 30+ "main static groups". When I say "main static groups" I mean, 2nd degree static groups (1st degree is ALL) and I want to build dynamic group that will be filtering computers only from those static groups.

2. When building reports, I can add static group name as a column. There is a lack of doing 2nd degree static group or displaying full path of computer All\static group#1\static group#2\static group#3\computer name

3. There should be some output for comitted changes within console. I had couple of situation when some admin added client task, modified it or even removed it. It could be writen within some txt file.

4. Lack of era proxy in 7th generation of console is real problem when I use linux installation. Mysql allows only 10k connection at one time. If There would be proxy, I would be able to aggregate those connections and connect many more of clients

Share this post


Link to post
Share on other sites
On 4/21/2019 at 8:53 PM, MichalJ said:

Hello @pps You get IP addresses only from computers that have agents deployed, as it’s the agent who is responsible. What you can do, is to install rogue detection sensor, which could help you to add machines which are alive.

Also, to double-check, can you please provide details about how you added that machines in Lost And Found group? 

Hello @MichalJ just make an AD synchronization and get the computers from there.

Share this post


Link to post
Share on other sites

Hello @Pinni3. To get to your points: 

  1. For that purpose, we allow nested dynamic groups. Meaning you have your 30 static ones, each one of them could have nested dynamic groups. Our you want to set it in a way, that you for example put the DG under "all" but then say that it needs to be only in the following static groups. Challenge is, that DG is evaluated on the Agent side, and Agent does not always know, in which SG it belongs to (if you move a client, it will need to recalculate all policy assignments for example). Therefore the nested concept. 
  2. We are already tracking improvement for that (Internal reference - IDEA-1100)
  3. We are working on better auditing changes, to track who / what / when / how was done. (internal reference - IDEA-1371
  4. I am not completely sure what´s the problem here. Purpose of ERA proxy was just to aggregate the data, but at the end it was sent to ERA server, so the amount of DATA sent is not increased when Proxy was deprecated. Just the ESMC server handles more connections directly, due to a changed replication protocol. Also, AFAIK we have bigger installations than 10k on MySQL. Maybe @MartinK can provide some more information on this. 

Share this post


Link to post
Share on other sites
4 hours ago, MichalJ said:

I am not completely sure what´s the problem here. Purpose of ERA proxy was just to aggregate the data, but at the end it was sent to ERA server, so the amount of DATA sent is not increased when Proxy was deprecated. Just the ESMC server handles more connections directly, due to a changed replication protocol. Also, AFAIK we have bigger installations than 10k on MySQL. Maybe @MartinK can provide some more information on this. 

Unfortunately I am al so not sure how it was meant. We are officially declaring maximal number of managed clients to 10000 when using MySQL database, but it is not related to number of actually connecting clients, but rather limit is amount of data. ESMC installed over MySQL might have performance issues with processing larger amount of data and rendering larger datasets. As an result rendering of specific reports (threats for example) might be much slower, but in "clean" network even much larger environments can be managed with MySQL-based ESMC installation.

Persistent connections as introduced in ESMC should actually significantly reduce load of ESMC server, especially in "dormant" state when no changes are made in management console. If properly configured on recommended HW, ESMC should handle hundreds of clients per second.

Share this post


Link to post
Share on other sites

Description : Installed windows Updates & Hotfix list show in Computer Details. 

Details: ESMC show only installed Application details, but installed updates & hotfix details not show in ESMC v7.

Share this post


Link to post
Share on other sites

Hello @Haresh2015 Thank you for reporting. We have such request already in our backlog, however it was not yet planned for future releases due to other priorities. But it has been requested already in the past. 

Share this post


Link to post
Share on other sites

Description : Add variable for COMPUTER DESCRIPTION

Details: We use COMPUTER DESCRIPTION to denote workstation position and/or users and would like to include this field in notification messages. 

 

image.thumb.png.9aafd030956f1bcc2cc00970a0c52f52.png

Share this post


Link to post
Share on other sites

Hello @bbahes I have added your request to our improvement backlog. It´s out of scope for the future version though, as scope of that one is already closed. 

Share this post


Link to post
Share on other sites

Description:

  Remotely reset Agents' information using a 'secret key' that will reset where the Agents report to.

Details:

 At the moment, using the GPO method of deploying agents is 'simple' enough; but if the ESMC server suffers a hiccup/goes away(for some reason), the ESMC must be installed/reinstalled; thusly the old agents won't be able to communicate with the new ESMC server.   Having the ability to set up a 'secret' on the EMSC that can be used to connect to all old-agents and have them reapply the new server information would make life easier.  (At this moment, I'm still recovering from a server failure and can't seem to be able to get all of the agents installed properly via gpo, even with the new 'install_config.ini' file set up.)  So having this kinda trouble, I've had to go into each system, run esetuninstaller and then have they run gpupdate to get themselves updated) and even then that's not working all the time. [note: I do admit that it is possibly a PEBCAK problem.]

On the flip side, this could lead to security issues (particularly since this is somewhat akin to adding a 'backdoor'), so I'm not sure if this is a good idea.  

Share this post


Link to post
Share on other sites

Description: Ability to update PFX associated with MDC policy programmatically rather than through web interface.

Detail: We have MDC using a Let's Encrypt signed cert. These certs get auto-generated every 90 days via a cronjob. Currently, while the cert itself (a PKCS#12 PFX file) gets created successfully on schedule, I must manually edit the MDC policy within the ESMC web console to upload the new PFX to the policy. I would like to be able to instead import the new PFX file directly to the policy, possibly by way of a Linux command line tool whose command I can include within the Let's Encrypt cronjob.

An [easier?] alternative would be to allow the MDC policies to link to a hard file path for the PFX. That way I could just replace the PFX file as needed, restart the eramdmcore service, and allow the policy to simply pick up the new PFX on load.

Thanks!
Robbie // The Bald Nerd

Share this post


Link to post
Share on other sites
Posted (edited)

Description: Custom identifiers

Detail: In an environment where management of devices is mixed, it would be nice if there was a way to gather a custom value or provide a script that can return a custom value for display in the details of a system.

In our case the built in identifiers are unreliable; hostnames are managed independently by different management parties, the IP reported is the IP assigned to the adapter (so when the server is behind NAT, it's not useful), mobo SNs don't get set by the manufacturer so just return N/A or a default 0123456789.  So, for at least us, on setup, we add a custom registry or configuration value to our Windows or Linux systems for monitoring and tracking (it's also affixed to the physical box).  Being able to have it retrieve a registry value or run a batch/bash script that'll return a value would be highly useful for tracking purposes.

I thought about having each client run a custom command with the "run command" client task; however, as far as I can tell, it does not seem to record or return any information back to the server other than a success/failure.  We've considered using this approach, but then posting that data to a logging site, but that then requires more port allowances, would be difficult to match up exactly, and is inefficient, so something built in would be preferred.  

TBH, I'm surprised there isn't just a way to return some custom information in general, as that seems like it would be in general really handy, not just in terms of computer identification, but giving admins the ability to check for different statuses of OS or other values as needed.

Edited by SunnyJ
typo

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...