Jump to content

Eset 7.0 tampers with https traffic

Orascu Vlad

By Orascu Vlad
in ESET Endpoint Products

 Share

Recommended Posts

Orascu Vlad

Orascu Vlad 1

Posted
Posted

Hello all

Recently we had some issues with ESET.

We have Eset Endpoint Protection in our environment.

We are also using sign Sign On for some applications.

We have noticed that  SSL/TLS Protocol filtering was blocking / altering https traffic to ADFS, related to sign in info, which was preventing users from logging in to the applications.

After disabling the SSL/TLS filter (as atatched in the picture)  the sign in process succeeded.

Is this ok for this to happen?

Thank you

Capture.PNG

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

Disabling SSL/TLS filtering is not recommended, otherwise HTTPS traffic won't be filtered at all. As a result, Web Control rules may not work, malicious or scam https websites will not be blocked and possible malware downloaded via https may not be detected.

A secure solution would be excluding the particular url or certificate from filtering.

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

You can exclude the appropriate SSL/TLS communication here:

image.png

image.png

Also you can switch the SSL/TLS filtering mode from automatic to interactive so that you are prompted for an action when a secure communication is detected. After excluding the communication based on the particular certificate you can switch back to automatic mode.

Link to comment
Share on other sites
TobiMG79

TobiMG79 0

Posted
Posted (edited)

Hi,

i have some customers with endpoint antivirus with this similar problem.

some webites deploy banner-ad and their zert would block by eset...very ofter for the same zert/website.

image.thumb.png.9159279100c91d3b955536d7b914160b.png

 

All browser, all os (7,10)

 

Any Idea?

Edited by TobiMG79
Adon: users with local admin rights, dont get this windows from ESET!
Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,070

Posted
  • Administrators
Posted

Expired certificates will be handled by the browser itself soon. This change has already been made in consumer products through a module update with Endpoint to follow soon.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...