Jump to content

Unable to identify EDTD unlicensed devices


Go to solution Solved by MichalJ,

Recommended Posts

Hello, 

We have a ESET Protect Cloud tenant where I initially set the EDTD to be activated in the following way: A dynamic group with criteria 'Functionality/Protection problems . Problem is one of {ESET Dynamic Threat Defense is not activated or license is invalid.}' was supposed to capture any devices where EDTD is not activated as we have it enabled in all relevant policies. This was working during our tests so I left it to do its job. However, upon checking now, only 1/3 of the devices are activated. And going through some of the unlicensed ones, I no longer see this error code on any of them. 

Were these error codes removed? If not, do they have any other prerequisite apart from applied policy with EDTD enabled and installed Endpoint Security?

Another question I am struggling with is how to identify systems missing EDTD now? In the reports builder I can easily create a report with systems which have EDTD license applied, however I can't find a way to get as a result only the systems which don't have this license applied.

Apologies for the long post, many thanks.

Link to comment
Share on other sites

  • 1 month later...
  • ESET Staff

Hello. Currently, it is a bit difficult, to determine, which computer has EDTD activated and working. Your are right, that in the past, it worked in the following way: 

  1. You enabled EDTD via policy
  2. If the EDTD was "not activated" on a particular machine, it reported an error 
  3. Based on this error, you can group such machines in a dynamic group 
  4. You can have set "activated EDTD" task on top of such dynamic group that will enable it

Currently, the "error" state was removed, and EDTD does not report that type of error it is not activated. Per my knowledge, this was due to some architectural changes, and moving towards "more proper" reporting of feature states. Last update I got from the developers was, that we are working on a better way, that will be most likely implemented in next releases. 

One IDEA is use "ESET Solutions" tab, and over there you will see, how many have EDTD active, and how many does not have it active. You can click "Deploy", which should do both the enabling, and activation in one step. 

Sorry for the inconvenience, and stay tuned for the updates, when the proper solution gets implemented. 

 

Link to comment
Share on other sites

Thank you for your response. I am looking forward to this new reporting feature. 

I am having difficulties finding this 'ESET Solutions' tab. I couldn't find it in the dashboards or reports. The only place where I can see a number of EDTD seats is the ESET Business account 'Activated Devices' and then I can export a CSV with all EDTD activated devices, however it is really hard to compare it with the total list of managed systems in order to spot the differences. 

Link to comment
Share on other sites

Hello Michalj,

 

That's odd, I just checked two different consoles (both entitled for EDTD), and this section is not there at all:

image.png.033dc4aa2e4631538c572f70968e312b.png image.png.0d97b02b182e9027291fe73076064c44.png

Is this section something that has to be manually enabled from somewhere?

Link to comment
Share on other sites

  • ESET Staff
  • Solution

Hello, it´s possible that your instance has not yet been upgraded to the latest version (upgrades are pending now as we speak). In that case, you can find this "ESET Solutions" tab within "preview features", which is located in the "quick links" menu in the top bar of ESET PROTECT Cloud Instance. 

Link to comment
Share on other sites

Also on Server Security 8.0, the behaviour is still the old, it activates though policy and tells about missing license. Which I think is better than having no info at all 🙄

Link to comment
Share on other sites

  • 2 months later...

I know it is an old topic, but since there is no resolution yet, I decided to share the workaround I found.

Although you can't create Report or Dynamic Group template based on missing EDTD license, you can do the opposite - create such for systems having it activated. 

So what I did was to create a Dynamic Group which collects all systems with applied EDTD license and then I tagged all devices inside this group with a specific tag. I did this over the course of few days in order to make sure all active systems have the tag. Then you can identify systems which don't have the tag (thus don't have EDTD activated or offline for a while) by simply ordering the systems in the 'Computers' view by Tags.

I hope this helps some other struggling souls out there :)

Link to comment
Share on other sites

  • 1 month later...

Yes, there is. I found out about this from another user in the forum.

You can create a dynamic group template which detects devices missing EDTD. Then create a dynamic group using it and assign a EDTD license task at this group. This way if there is a system missing EDTD it will be automatically licensed. The expression looks like this:Capture2244.thumb.PNG.26022912f13c65b8eb1e415522fb0186.PNG

I hope this helps.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...