Jump to content

Recommended Posts

Posted

I am looking to see if any one that is using Eset Endpoint Security is also using a Watchguard Firewall appliance that has enabled WatchGuard's Threat Detection & Response tool. 

I have just stared to play around with the settings and I noticed that Watchguard quarantines .raw files in the folder C:\Program Files\ESET\ESET Security\Modules.  Does anyone know what these files are and how eset uses them?

Here is a link to the Watchguard TDR datasheet. 

https://www.watchguard.com/wgrd-products/security-services/threat-detection-and-response

Annotation 2020-07-30 094026.jpg

  • Administrators
Posted

It's a false positive. Those are update files necessary to assemble modules during compilation.

Posted

Thanks for the quick response.  So if they are update files is there an process that they get cleaned up over time or are the accumulative?

  • Administrators
Posted

They should be replaced with a newer version over time.

Posted

Thanks, I will make a rule in the TDR settings to whitelist the folder for all of my users.

  • Administrators
Posted

By the way, we have our own EDR solution ESET Enterprise Inspector which leverages our products as well as LiveGrid, machine-learning and other technologies to provide CISO or administrators with insight into suspicious operations that occur in the network and allow for manual or automatic remediation. We currently provide 418 pre-defined rules that trigger on suspicious operations with an option to create new rules by an admin.

image.png

image.png

Posted

Thanks.  Since we already pay for Watchguard I don't want to introduce another layer quite yet.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...