Email protection by client plugins is non-functional & Protocol filtering is disabled

[puff 1]

Since upgrading to ESMC and v7 my servers constantly display these two security risks. I don't want either feature turned on for servers and would like to just disable the notification. I've looked in the policy setting for my servers under User Interface>Application Statuses, but these two applications are not listed in the File Security for Windows Server policy.

I do see the two application statuses in my Endpoint for Windows policy, but that policy is of course not applied to the servers.

How can I disable these notifications?

[Marcos 5,127]

Enabling / disabling email client protection does not make any difference in terms of resource consumption or stability; we recommend keeping it enabled even if you don't use email clients on the server. Anyways, you should be able to disable a particular application status notification under User interface -> Application statuses.

Protocol filtering should be always turned on as long as a computer is connected to the Internet. Even if you don't run browsers to browse the Internet on the server, web protection can save you if a malicious file or script happens to run; in such case it can stop further payload from being downloaded and run. Again, it's possible to disable that application status.

[puff 1]

Hi Marcos,

Thanks for the tip, but as stated I don't see those applications in the File Security for Windows Server policies:

They're listed under "WEB AND EMAIL" in my Endpoint policy, but they're not listed under any of those categories in the File Security policy.

[mfichera 2]

I've noticed this on all of my Windows Servers as well. The only servers without this notification are Server 2016.

 

I know this is an old topic, but it is still relevant.

[MichalJ 434]

Hello, we have released a new configuration engine module, that allows configuration of those errors on the client (locally in advanced settings). However a CE module for ESMC / ERA has not yet been released. I will check with devs, when this is scheduled. Afterwards, you will be able to disable those warnings. 

[jdashn 12]

@MichalJ

Any chance you were able to get a release date? Thanks!!

 

Jdashn

[MichalJ 434]

@jdashn Unfortunately, not yet.  It´s in the process of preparation, but as of now, I can´t provide any detailed answer. 

[jdashn 12]

@MichalJ

Thanks for the update!!

 

Jdashn

[Nadav 0]

?Hi,

Is there any update about the issue ?
I'm experiencing it as well.

[Marcos 5,127]

CE ERA module 1663.15 was released on pre-release update servers on Dec 13. On regular update servers it will be released probably in Jan/Feb 2019.

[StevenBruce 0]

@Marcos Has there been any update since December re: this issue? We're still experiencing this with a number of server managed by ESMC 7 that don't have any email clients installed. Configuration module is v1663.15 (20181129) so I'm not sure if that is the most recent verson mentioned in your previous post?

[Marcos 5,127]

The module was released for the public on Jan 29 and contains the protocol filtering application status in the EFSW policy:

For those who come across this topic I'd like to emphasize that protocol filtering and web access protection should always be kept enabled since it provides a strong protection layer for Internet-borne threats. Also numerous times it has blocked malware on servers when an attacker gained access to the server and attempted to run ransomware or other malware from attacker's local TS shares.