puff 1 Posted September 12, 2018 Posted September 12, 2018 Since upgrading to ESMC and v7 my servers constantly display these two security risks. I don't want either feature turned on for servers and would like to just disable the notification. I've looked in the policy setting for my servers under User Interface>Application Statuses, but these two applications are not listed in the File Security for Windows Server policy. I do see the two application statuses in my Endpoint for Windows policy, but that policy is of course not applied to the servers. How can I disable these notifications?
Administrators Marcos 5,462 Posted September 12, 2018 Administrators Posted September 12, 2018 Enabling / disabling email client protection does not make any difference in terms of resource consumption or stability; we recommend keeping it enabled even if you don't use email clients on the server. Anyways, you should be able to disable a particular application status notification under User interface -> Application statuses. Protocol filtering should be always turned on as long as a computer is connected to the Internet. Even if you don't run browsers to browse the Internet on the server, web protection can save you if a malicious file or script happens to run; in such case it can stop further payload from being downloaded and run. Again, it's possible to disable that application status.
puff 1 Posted September 12, 2018 Author Posted September 12, 2018 Hi Marcos, Thanks for the tip, but as stated I don't see those applications in the File Security for Windows Server policies: They're listed under "WEB AND EMAIL" in my Endpoint policy, but they're not listed under any of those categories in the File Security policy.
mfichera 2 Posted October 29, 2018 Posted October 29, 2018 I've noticed this on all of my Windows Servers as well. The only servers without this notification are Server 2016. I know this is an old topic, but it is still relevant.
ESET Staff MichalJ 434 Posted October 31, 2018 ESET Staff Posted October 31, 2018 Hello, we have released a new configuration engine module, that allows configuration of those errors on the client (locally in advanced settings). However a CE module for ESMC / ERA has not yet been released. I will check with devs, when this is scheduled. Afterwards, you will be able to disable those warnings. Peter Randziak 1
jdashn 12 Posted November 8, 2018 Posted November 8, 2018 @MichalJ Any chance you were able to get a release date? Thanks!! Jdashn
ESET Staff MichalJ 434 Posted November 8, 2018 ESET Staff Posted November 8, 2018 @jdashn Unfortunately, not yet. It´s in the process of preparation, but as of now, I can´t provide any detailed answer.
Nadav 0 Posted December 27, 2018 Posted December 27, 2018 ?Hi, Is there any update about the issue ? I'm experiencing it as well.
Administrators Marcos 5,462 Posted December 27, 2018 Administrators Posted December 27, 2018 CE ERA module 1663.15 was released on pre-release update servers on Dec 13. On regular update servers it will be released probably in Jan/Feb 2019.
StevenBruce 0 Posted February 11, 2019 Posted February 11, 2019 @Marcos Has there been any update since December re: this issue? We're still experiencing this with a number of server managed by ESMC 7 that don't have any email clients installed. Configuration module is v1663.15 (20181129) so I'm not sure if that is the most recent verson mentioned in your previous post?
Administrators Marcos 5,462 Posted February 11, 2019 Administrators Posted February 11, 2019 The module was released for the public on Jan 29 and contains the protocol filtering application status in the EFSW policy: For those who come across this topic I'd like to emphasize that protocol filtering and web access protection should always be kept enabled since it provides a strong protection layer for Internet-borne threats. Also numerous times it has blocked malware on servers when an attacker gained access to the server and attempted to run ransomware or other malware from attacker's local TS shares.
Recommended Posts