Jump to content

Archived

This topic is now archived and is closed to further replies.

roga

what is the easiest way to roll out password protection on eset products?

Recommended Posts

My understanding is that to password protect eset products on a managed system (esmc) the agent needs to be password protected.

1) Am I correct that this is the way to password protect?
2) What is the easiest way to do this for a managed network?

regards

Roga

Share this post


Link to post
Share on other sites

If you want to prevent local users from modifying settings and uninstalling ESET, the simplest way is to set this via policy. You can configure password in policy per individual application (Endpoint for Windows, and others).

So just setup your ESMC, deploy agents, and configure the password protection policies. 

Share this post


Link to post
Share on other sites

Hi @MichalJ Thanks for the quick response

I am trying to mitigate the system following a ransomeware infection which managed to disable eea and efs, will password protection from policy prevent diasabling of protection? - it was my understanding that we also need to protect agent to stop it being disabled

Share this post


Link to post
Share on other sites

The best things to do is to: 

  1. Password protect the install of Endpoint
  2. Password protect the install of Agent
  3. Make sure the self-defense of Endpoint is enabled (it protects also the process of the agent) 

Share this post


Link to post
Share on other sites
8 minutes ago, MichalJ said:

The best things to do is to: 

  1. Password protect the install of Endpoint
  2. Password protect the install of Agent
  3. Make sure the self-defense of Endpoint is enabled (it protects also the process of the agent) 

So back to original question - what is easiest way to roll out password protection of agent on a managed system?

Share this post


Link to post
Share on other sites
  1. Deploy agent
  2. Configure the password protection policy for it (for agent)
  3. Configure the password protection policy for all of the security products deployed 

Share this post


Link to post
Share on other sites
14 minutes ago, MichalJ said:
  1. Deploy agent
  2. Configure the password protection policy for it (for agent)
  3. Configure the password protection policy for all of the security products deployed 

Thanks @MichalJ

I had already guessed that, so I guess I should clarify my question:
I have esmc, all of  the clients are managed (windows servers and workstations).
In the above scenario, what is the easiest (least work) way to deploy the agent? Is this something that can be done as a client task, or do I need to run that agentinstall bat file?

Share this post


Link to post
Share on other sites

I have to say, that I am now confused. If you have ESMC, and your clients are managed, that would mean that the agent is installed already on the target systems. So then you do not have to do anything, just enable the policy. 

There are co applications needed on the client computer for managed ESET to work properly: 

  1. ESET Management Agent (responsible for maintaining the communication with ESET Security Management Center)
  2. ESET Endpoint Security / Antivirus / File security, which is delivering the factual protection on the target system 

If you do not have ESET Management Agent (Or Remote Administrator agent, in version 6.5 & older) installed, you can deploy it either via the batch script, or deploy the MSI installer using GPO / SCCM, or use the remote deployment tool (to give you better advice, we will need to know your network topology). 

Share this post


Link to post
Share on other sites

Sorry @Michalj if I wasn't clear. I do have agents installed on the cleints.

I thought perhaps that I might need to roll out an updated agent, but from what I understand from what you have said I can introduce password both on agent and client software by policy, without needing to do anything else.

Thanks

Share this post


Link to post
Share on other sites

We strongly recommend upgrading agent to v7 by sending an ESMC upgrade task to the clients.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...