charlie145 0 Posted April 2, 2014 Posted April 2, 2014 I have created a 'Workstations - Filtered Internet' policy in policy manager and an associated entry in Policy Rules and the Group Manager. I have assigned one workstation to this group as a test (the new policy is a child policy of the 'Workstations' policy) and confirmed that settings are applying correctly to this workstation by adding a path exclusion to the new policy then checking the exclusions on the workstation once it picked up the change. The issue I am having is that I am unable to set up any kind of filtering of websites. The Workstations - Filtered Internet policy only has the Web Control > Settings > System Integration 'Yes' and Web Control > Settings > Rules defined, the rest of the settings it inherits from the parent policy (Workstations). The two rules I have in place for Web Control are a category based rule to block Social Networking and a URL based rule to block https://www.facebook.com/, ideally we would like to only use category based filtering but I added the URL filter as a test. Neither of these rules seem to be having any effect on the PC assigned to the group, however. It can still browse to Facebook as always. The server is running ESET Remote Administrator Console Version 5.0.511.0 and the client has ESET Endpoint Antivirus 5.0.2214 Any advice on how to get the filtering working would be greatly appreciated!! I have followed the KB article for deploying filtering using RA Console to no avail!
Administrators Marcos 5,739 Posted April 2, 2014 Administrators Posted April 2, 2014 Hello, in order to filter https websites, you must have SSL scanning enabled. However, this may cause issues with certain applications that do not trust self-signed root certificates.
charlie145 0 Posted April 3, 2014 Author Posted April 3, 2014 (edited) Thanks Marcos, I tried adding the setting to allow scanning of SSL but it hasn't made any difference, the PC can still browse to Facebook just as before, any ideas? I have attached a screenshot of the Workstations - Filtered Internet policy so you can see what is set in it. Edited April 3, 2014 by charlie145
Administrators Marcos 5,739 Posted April 9, 2014 Administrators Posted April 9, 2014 I'd suggest you try downloading the test file eicar.com on the workstation to make sure that SSL scanning works alright. If it's not detected and blocked by Web protection, SSL doesn't work properly for some reason.
charlie145 0 Posted April 9, 2014 Author Posted April 9, 2014 Hi, I tried downloading the file and ESET quarantined it so I assume that the scanning of SSL is working correctly.
Administrators Marcos 5,739 Posted April 14, 2014 Administrators Posted April 14, 2014 Is it only https sites that don't get blocked?
charlie145 0 Posted April 14, 2014 Author Posted April 14, 2014 No it's all of them, I figured out what was causing it by emailing ESET support. Apparently the version of the client we are using doesn't have the firewall and so doesn't support Web Control rules!
Administrators Solution Marcos 5,739 Posted April 15, 2014 Administrators Solution Posted April 15, 2014 No it's all of them, I figured out what was causing it by emailing ESET support. Apparently the version of the client we are using doesn't have the firewall and so doesn't support Web Control rules! Web control is part of ESET Endpoint Security, it's not included in ESET Endpoint Antivirus. Although the former contains a firewall, too, it's a feature independent from Web control. I must admit that I overlook your statement that you use ESET Endpoint Antivirus.
Recommended Posts