Ufoto 14 Posted September 13, 2021 Share Posted September 13, 2021 Hello, We have a ESET Protect Cloud tenant where I initially set the EDTD to be activated in the following way: A dynamic group with criteria 'Functionality/Protection problems . Problem is one of {ESET Dynamic Threat Defense is not activated or license is invalid.}' was supposed to capture any devices where EDTD is not activated as we have it enabled in all relevant policies. This was working during our tests so I left it to do its job. However, upon checking now, only 1/3 of the devices are activated. And going through some of the unlicensed ones, I no longer see this error code on any of them. Were these error codes removed? If not, do they have any other prerequisite apart from applied policy with EDTD enabled and installed Endpoint Security? Another question I am struggling with is how to identify systems missing EDTD now? In the reports builder I can easily create a report with systems which have EDTD license applied, however I can't find a way to get as a result only the systems which don't have this license applied. Apologies for the long post, many thanks. Link to comment Share on other sites More sharing options...
Ufoto 14 Posted October 18, 2021 Author Share Posted October 18, 2021 Nobody knows? 😕 Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 434 Posted October 18, 2021 ESET Staff Share Posted October 18, 2021 Hello. Currently, it is a bit difficult, to determine, which computer has EDTD activated and working. Your are right, that in the past, it worked in the following way: You enabled EDTD via policy If the EDTD was "not activated" on a particular machine, it reported an error Based on this error, you can group such machines in a dynamic group You can have set "activated EDTD" task on top of such dynamic group that will enable it Currently, the "error" state was removed, and EDTD does not report that type of error it is not activated. Per my knowledge, this was due to some architectural changes, and moving towards "more proper" reporting of feature states. Last update I got from the developers was, that we are working on a better way, that will be most likely implemented in next releases. One IDEA is use "ESET Solutions" tab, and over there you will see, how many have EDTD active, and how many does not have it active. You can click "Deploy", which should do both the enabling, and activation in one step. Sorry for the inconvenience, and stay tuned for the updates, when the proper solution gets implemented. Ufoto 1 Link to comment Share on other sites More sharing options...
Ufoto 14 Posted October 18, 2021 Author Share Posted October 18, 2021 Thank you for your response. I am looking forward to this new reporting feature. I am having difficulties finding this 'ESET Solutions' tab. I couldn't find it in the dashboards or reports. The only place where I can see a number of EDTD seats is the ESET Business account 'Activated Devices' and then I can export a CSV with all EDTD activated devices, however it is really hard to compare it with the total list of managed systems in order to spot the differences. Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 434 Posted October 19, 2021 ESET Staff Share Posted October 19, 2021 "ESET Solutions" tab is located directly in ESET PROTECT Cloud, in the menu on the left hand side of the screen. Link to comment Share on other sites More sharing options...
Ufoto 14 Posted October 20, 2021 Author Share Posted October 20, 2021 Hello Michalj, That's odd, I just checked two different consoles (both entitled for EDTD), and this section is not there at all: Is this section something that has to be manually enabled from somewhere? Link to comment Share on other sites More sharing options...
ESET Staff Solution MichalJ 434 Posted October 22, 2021 ESET Staff Solution Share Posted October 22, 2021 Hello, it´s possible that your instance has not yet been upgraded to the latest version (upgrades are pending now as we speak). In that case, you can find this "ESET Solutions" tab within "preview features", which is located in the "quick links" menu in the top bar of ESET PROTECT Cloud Instance. Ufoto 1 Link to comment Share on other sites More sharing options...
karsayor 8 Posted October 26, 2021 Share Posted October 26, 2021 I have same issue to identify devices without EDTD now since the change. How can I identify them with the on-premise console ? Link to comment Share on other sites More sharing options...
karsayor 8 Posted October 27, 2021 Share Posted October 27, 2021 Also on Server Security 8.0, the behaviour is still the old, it activates though policy and tells about missing license. Which I think is better than having no info at all 🙄 Link to comment Share on other sites More sharing options...
Ufoto 14 Posted January 5, 2022 Author Share Posted January 5, 2022 I know it is an old topic, but since there is no resolution yet, I decided to share the workaround I found. Although you can't create Report or Dynamic Group template based on missing EDTD license, you can do the opposite - create such for systems having it activated. So what I did was to create a Dynamic Group which collects all systems with applied EDTD license and then I tagged all devices inside this group with a specific tag. I did this over the course of few days in order to make sure all active systems have the tag. Then you can identify systems which don't have the tag (thus don't have EDTD activated or offline for a while) by simply ordering the systems in the 'Computers' view by Tags. I hope this helps some other struggling souls out there MichalJ 1 Link to comment Share on other sites More sharing options...
karsayor 8 Posted March 4, 2022 Share Posted March 4, 2022 This is rather a manual and painful solution. @MichalJnothing new about this matter ? Link to comment Share on other sites More sharing options...
Ufoto 14 Posted March 4, 2022 Author Share Posted March 4, 2022 Yes, there is. I found out about this from another user in the forum. You can create a dynamic group template which detects devices missing EDTD. Then create a dynamic group using it and assign a EDTD license task at this group. This way if there is a system missing EDTD it will be automatically licensed. The expression looks like this: I hope this helps. Link to comment Share on other sites More sharing options...
Recommended Posts