Jump to content

Archived

This topic is now archived and is closed to further replies.

puff

Email protection by client plugins is non-functional & Protocol filtering is disabled

Recommended Posts

Since upgrading to ESMC and v7 my servers constantly display these two security risks. I don't want either feature turned on for servers and would like to just disable the notification. I've looked in the policy setting for my servers under User Interface>Application Statuses, but these two applications are not listed in the File Security for Windows Server policy.

I do see the two application statuses in my Endpoint for Windows policy, but that policy is of course not applied to the servers.

How can I disable these notifications?

Share this post


Link to post
Share on other sites

Enabling / disabling email client protection does not make any difference in terms of resource consumption or stability; we recommend keeping it enabled even if you don't use email clients on the server. Anyways, you should be able to disable a particular application status notification under User interface -> Application statuses.

Protocol filtering should be always turned on as long as a computer is connected to the Internet. Even if you don't run browsers to browse the Internet on the server, web protection can save you if a malicious file or script happens to run; in such case it can stop further payload from being downloaded and run. Again, it's possible to disable that application status.

Share this post


Link to post
Share on other sites

Hi Marcos,

Thanks for the tip, but as stated I don't see those applications in the File Security for Windows Server policies:

Capture.JPG.794928d31b2c02f2cc81dbdd48b6de7b.JPG

They're listed under "WEB AND EMAIL" in my Endpoint policy, but they're not listed under any of those categories in the File Security policy.

Share this post


Link to post
Share on other sites

I've noticed this on all of my Windows Servers as well. The only servers without this notification are Server 2016.

 

I know this is an old topic, but it is still relevant.

Share this post


Link to post
Share on other sites

Hello, we have released a new configuration engine module, that allows configuration of those errors on the client (locally in advanced settings). However a CE module for ESMC / ERA has not yet been released. I will check with devs, when this is scheduled. Afterwards, you will be able to disable those warnings. 

Share this post


Link to post
Share on other sites

@jdashn Unfortunately, not yet.  It´s in the process of preparation, but as of now, I can´t provide any detailed answer. 

Share this post


Link to post
Share on other sites

?Hi,

Is there any update about the issue ?
I'm experiencing it as well.

Share this post


Link to post
Share on other sites

CE ERA module 1663.15 was released on pre-release update servers on Dec 13. On regular update servers it will be released probably in Jan/Feb 2019.

Share this post


Link to post
Share on other sites

@Marcos Has there been any update since December re: this issue? We're still experiencing this with a number of server managed by ESMC 7 that don't have any email clients installed. Configuration module is v1663.15 (20181129) so I'm not sure if that is the most recent verson mentioned in your previous post?

Share this post


Link to post
Share on other sites

The module was released for the public on Jan 29 and contains the protocol filtering application status in the EFSW policy:

image.png

For those who come across this topic I'd like to emphasize that protocol filtering and web access protection should always be kept enabled since it provides a strong protection layer for Internet-borne threats. Also numerous times it has blocked malware on servers when an attacker gained access to the server and attempted to run ransomware or other malware from attacker's local TS shares.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...