Jump to content

Protocol filtering is disabled


Recommended Posts

This warning appears on Win10 clients with ESET version 6.6.2086.1 and the latest agent.  The error detail shows Protocol Filtering is a subproduct of the Firewall.

We have the Firewall completely disabled via policy. 

Why do we receive a Critical error state for a component that is disabled?  How do we fix this issue?

Link to comment
Share on other sites

I should also note that all of the Firewall-related statuses are disabled (both 'Show' and 'Send') via policy, as well.

Link to comment
Share on other sites

  • Administrators

Please provide me with ELC logs generated on that machine as well as a screen shot of the main gui with the error.

Link to comment
Share on other sites

@Marcos

ERA console looks like this:

image.png.470e7c96f669ca459b44ea71a2dad6df.png

Client GUI looks like this:

image.png.901332ffc7dd18358bdb59afd8fbb144.png

image.png.e9dbc5ed18dfad30b81fd8900efc081a.png

We have email protection enabled, but not protocol filtering. This is under the 'Web and Email' policy section, so not sure why it's reported as a Firewall Subproduct.

Either way, this shows as a 'Critical' issue only on the latest 6.6 client. Previous versions do not show any errors, despite the same policy applied.

Edited by j-gray
Link to comment
Share on other sites

I disabled Email Client Integration entirely by policy. The client GUI accurately reflects that 'Email Client Protection' is disabled permanently.  However, the critical Protection Status error persists: Email protection by protocol filtering is non-functional.

In order to clear this issue I had to:

  1. Go to Web and Email policy section and turn on 'Enable application protocol content filtering'
  2. Go to Web and Email > Email Client Protection > Email Protocols and turn off 'Enable email protection and protocol filtering'
  3. Go back to Web and Email policy section and turn back off 'Enable application protocol content filtering'

I had to perform step #1 because the policy item in step #2 is enabled but grayed out and cannot be toggled.

It really seems that if you disable a parent policy (e.g. Email Client Protection) it should inactivate all child policies automatically.

 

Edited by j-gray
Link to comment
Share on other sites

  • Administrators

Protocol filtering is as crucial protection feature as real-time protection. With it disabled, you expose the computer to Internet-borne threats. Blocking of malicious urls won't work and the program won't scan http/https, imap/imaps and pop3/pop3s communication either. It could be acceptable only in case that the computer is completely offline and does not communicate over the Internet whatosever.

Link to comment
Share on other sites

On 8/10/2018 at 10:40 PM, Marcos said:

Protocol filtering is as crucial protection feature as real-time protection. With it disabled, you expose the computer to Internet-borne threats. Blocking of malicious urls won't work and the program won't scan http/https, imap/imaps and pop3/pop3s communication either. It could be acceptable only in case that the computer is completely offline and does not communicate over the Internet whatosever.

Perhaps this is the case in a home environment.  We have dedicated firewall appliances and dedicated web filters that handle this. We have no POP/IMAP clients.

Link to comment
Share on other sites

  • Administrators

It is up to you. In another topic a user claimed he didn't need to use protocol filtering because of having another web filtering solution and I proved that malware was able to slip through it while ESET was able to block it with Web protection. Having it enabled won't hurt and will only increase the level of protection from Internet-borne threats.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...