Jump to content

Trigger by Event LogQuestion


Recommended Posts

Hi,

is it correct that a Client Task which should start an Network Isolation with a Trigger that reacts on Event-Log Criteria, is processed directly on the client without waiting for feedback of ESET Protect Server? - It looks like that for me. (Would be great if im right because so i can diretly isolate a client which has found malware on it (so in case it still starts ransomware and eset detects it after a few moments it can't spread over the network...even if our network system shouldn't be vulnerable for this network spread stuff.. but i like to build some extra protections..you never know). there are still excel files out there which are starting an OLE Object and after a few seconds you have som jpg file in AppData and Temp with Trojan Detections. And that would just isolate that one infected system and wouldn't crypt a whole company ^^

image.png.c94a71c01c180c162548e7e00e49f1fc.png

 

Testing: After i download an infected file and unzip it, ESET detects it and just 1 second after, it isolates my test machine (i can see that in eset endpoint security application). so event log trigger is processes on the client itself without waiting for eset protect info? or do i have a mistake in thinking?
 

Link to comment
Share on other sites

Too early for me...just deactivated network adapter and it still directly isolates the testclient. so it looks like its working how it should :) no waiting for protect server needed

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...