PuterCare 3 Posted September 28, 2020 Share Posted September 28, 2020 I just had a reply from Eset tech support and they suggested adding rules for the following, I already had the first two so hopefully the third rule will be what resolves for me. I don't have the systems available to me right now to test. /Applications/Microsoft Teams.app /Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper.app /Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper.app/Contents/MacOS/Microsoft Teams Helper Link to post Share on other sites
Ashkaan 2 Posted November 10, 2020 Share Posted November 10, 2020 On 9/28/2020 at 9:04 AM, PuterCare said: I just had a reply from Eset tech support and they suggested adding rules for the following, I already had the first two so hopefully the third rule will be what resolves for me. I don't have the systems available to me right now to test. /Applications/Microsoft Teams.app /Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper.app /Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper.app/Contents/MacOS/Microsoft Teams Helper This does not work. Users are still have constant dropped Teams calls. With the Firewall completely off, it's perfect. Link to post Share on other sites
PuterCare 3 Posted November 11, 2020 Share Posted November 11, 2020 13 hours ago, Ashkaan said: This does not work. Users are still have constant dropped Teams calls. With the Firewall completely off, it's perfect. Since I deployed these rules using ESMC I have not had any reports of Teams issues so I'm not sure what is going on for you but if you take the logs and send to Eset hopefully they can help? Link to post Share on other sites
conorc 1 Posted November 11, 2020 Share Posted November 11, 2020 16 hours ago, Ashkaan said: This does not work. Users are still have constant dropped Teams calls. With the Firewall completely off, it's perfect. They added a new app pathway in the latest update and it also needs allowed on the firewall, it is (Renderer) /Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper (Renderer).app/Contents/MacOS/Microsoft Teams Helper (Renderer) PuterCare 1 Link to post Share on other sites
Ashkaan 2 Posted November 11, 2020 Share Posted November 11, 2020 5 hours ago, conorc said: They added a new app pathway in the latest update and it also needs allowed on the firewall, it is (Renderer) /Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper (Renderer).app/Contents/MacOS/Microsoft Teams Helper (Renderer) Thank you so much! I'll try this immediately and report back! conorc 1 Link to post Share on other sites
Ashkaan 2 Posted November 12, 2020 Share Posted November 12, 2020 Based on some early reports, this might be working! Thank you so much! Link to post Share on other sites
conorc 1 Posted November 12, 2020 Share Posted November 12, 2020 18 minutes ago, Ashkaan said: Based on some early reports, this might be working! Thank you so much! No worries, trying to figure out if there is a way to whitelist a higher level of the directory so that if MS make more changes, then it won't be impacted. Any input @Marcos Link to post Share on other sites
Ashkaan 2 Posted November 12, 2020 Share Posted November 12, 2020 Just now, conorc said: No worries, trying to figure out if there is a way to whitelist a higher level of the directory so that if MS make more changes, then it won't be impacted. Any input @Marcos Yes, I'm wondering about the same. I tried to put /Applications/Microsoft Teams.app/*, but I guess it doesn't like *s. Link to post Share on other sites
Administrators Marcos 3,632 Posted November 12, 2020 Administrators Share Posted November 12, 2020 The firewall doesn't support wildcards in the application path. Link to post Share on other sites
conorc 1 Posted November 12, 2020 Share Posted November 12, 2020 Would just whitelisting /Applications/Microsoft Teams.app also allow all of the sub folders? /Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper (Renderer).app/Contents/MacOS/Microsoft Teams Helper (Renderer) Link to post Share on other sites
Ashkaan 2 Posted November 12, 2020 Share Posted November 12, 2020 1 minute ago, conorc said: Would just whitelisting /Applications/Microsoft Teams.app also allow all of the sub folders? /Applications/Microsoft Teams.app/Contents/Frameworks/Microsoft Teams Helper (Renderer).app/Contents/MacOS/Microsoft Teams Helper (Renderer) Definitely not. I tested this thoroughly. conorc 1 Link to post Share on other sites
conorc 1 Posted November 12, 2020 Share Posted November 12, 2020 so this will happen every time Microsoft make a change to the app and there is nothing we can do to prevent it. excellent. Link to post Share on other sites
Ashkaan 2 Posted November 12, 2020 Share Posted November 12, 2020 6 minutes ago, conorc said: so this will happen every time Microsoft make a change to the app and there is nothing we can do to prevent it. excellent. LOL.. that's what it look likes Link to post Share on other sites
Administrators Marcos 3,632 Posted November 12, 2020 Administrators Share Posted November 12, 2020 Theoretically creating an application-agnostic rule should work. Link to post Share on other sites
Ashkaan 2 Posted November 12, 2020 Share Posted November 12, 2020 16 minutes ago, Marcos said: Theoretically creating an application-agnostic rule should work. Ya, but I don't think anyone has done the work to figure out what ports Teams uses. Also, it might be that malware traverses those ports too. Or, Microsoft adds a port without telling anyone. I have a ticket with Microsoft and they are refusing tell me what ports and protocols their app uses. Link to post Share on other sites
conorc 1 Posted November 17, 2020 Share Posted November 17, 2020 On 11/12/2020 at 6:10 PM, Marcos said: Theoretically creating an application-agnostic rule should work. What specific method for this do you mean? Link to post Share on other sites
itman 952 Posted November 17, 2020 Share Posted November 17, 2020 On 11/12/2020 at 1:28 PM, Ashkaan said: Ya, but I don't think anyone has done the work to figure out what ports Teams uses. FYI: https://docs.microsoft.com/en-us/microsoftteams/prepare-network Link to post Share on other sites
Tsoden 1 Posted December 3, 2020 Share Posted December 3, 2020 I'll add that I've added these rules, and Teams seems to be functioning properly now. PuterCare 1 Link to post Share on other sites
Ashkaan 2 Posted December 3, 2020 Share Posted December 3, 2020 14 hours ago, Tsoden said: I'll add that I've added these rules, and Teams seems to be functioning properly now. Where did you get those ports and IPs? Link to post Share on other sites
itman 952 Posted December 3, 2020 Share Posted December 3, 2020 2 hours ago, Ashkaan said: Where did you get those ports and IPs? https://docs.microsoft.com/en-us/microsoftteams/prepare-network Link to post Share on other sites
Ashkaan 2 Posted December 3, 2020 Share Posted December 3, 2020 3 minutes ago, itman said: https://docs.microsoft.com/en-us/microsoftteams/prepare-network That's embarrassing. I thought I looked carefully and now I see the ports. Thank you (for not making fun of me)! Link to post Share on other sites
PuterCare 3 Posted December 4, 2020 Share Posted December 4, 2020 Dos anyone know if there is a way to clone the firewall rules between profiles in ESMC policies i.e. Public, Home and Work? It's annoying to have to switch profile and set up the same rules again manually. Link to post Share on other sites
Rickbale 0 Posted December 21, 2020 Share Posted December 21, 2020 Try disabling the firewall or uninstall and re-install ESET. Regards, Rick Bale Link to post Share on other sites
Recommended Posts