j-gray 33 Posted March 30, 2022 Share Posted March 30, 2022 Just started testing and am finding issues with: End users are prompted to Allow/Don't Allow proxy configuration ESET icon is displayed in the dock even though policy is configured to not display in dock Icon shows red/warning status due to 'Web and email protection is not configured'. However, web and email protection is disabled by policy and the policy is also configured to ignore web and email status on the client and not report web and email status to the server. How can we get rid of the Security Alert for web and email protection? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted March 30, 2022 Administrators Share Posted March 30, 2022 If the issue persist after a system restart, please collect logs as per https://support.eset.com/en/kb3404 and open a support ticket. Link to comment Share on other sites More sharing options...
j-gray 33 Posted March 30, 2022 Author Share Posted March 30, 2022 24 minutes ago, Marcos said: If the issue persist after a system restart, please collect logs as per https://support.eset.com/en/kb3404 and open a support ticket. Issues persist after several reboots. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,935 Posted March 30, 2022 Administrators Share Posted March 30, 2022 Do you know by chance if this started after an OS update? An issue like this has been recently fixed (as of v 7.0.7241.0). P_EECSM-2905 Link to comment Share on other sites More sharing options...
j-gray 33 Posted March 30, 2022 Author Share Posted March 30, 2022 No, this was my system used for testing, running Big Sur (11.6.4). I just upgraded today from 6.11.202.0 to the latest release available in the EP Console: 7.0.7300.0. No OS updates have occurred. Link to comment Share on other sites More sharing options...
ESET Staff MichalJ 430 Posted March 31, 2022 ESET Staff Share Posted March 31, 2022 Hello @j-gray just one idea. As the EEA V7 is a brand new product, the policy settings from older versions (V6) will not apply. Maybe, that is the reason, why they are not reflecting, as you have upgraded. j-gray 1 Link to comment Share on other sites More sharing options...
Former ESET Employees Matus 21 Posted March 31, 2022 Former ESET Employees Share Posted March 31, 2022 (edited) Hi J-gray, thank you for contacting us. Please find root causes for understanding and some solutions/workarounds for your issues. 1, Users are prompt because integration to the system is happening during installation. If you're using JAMF and have configuration from v6, then this has to be changed, please see here: https://help.eset.com/eea_mac/7/en-US/installation.html?install_remote_pre-installation.html . It seems that you don't want WAP at all. Unfortunately, right now it's not possible to install the product without WAP component, therefore it always tries to integrate into the system. We're planning to have possibility to "exclude" components for installation later this year. 2, New generation of product requires new configuration. As Michalj mentioned, you'll need to apply new policy tree. Now it works differently than in v6, which makes more sense. If GUI is opened, then icon in dock is present. If GUI is closed, an icon in dock disappears. You can set to disallow opening GUI to users or to disable showing a menubar icon as well. 3, Within the policy > User Interface > Application statuses please disable : Network content filtering integration warnings. That you "solve" the problem. Regarding "Disable by policy"... In ESET, Disable means something like "don't use it/pause using it", not "don't integrate into the system". When you disable it still stays integrated so when you enables it back, it just works. That's why even though you've disabled it, it's screaming that it's not configured, because it's not integrated into the system (user probably clicked Deny or manually erased integrated component (ESET Web&Email) in Network Preferences of macOS. However, if you're not using JAMF it's recommended that this component will be allowed and if you're using it, then please allow it via JAMF (see guide above) and then feel free to disable it via policy. I'm also afraid that possibly you'll need to reinstall application. Edited March 31, 2022 by Matus j-gray 1 Link to comment Share on other sites More sharing options...
j-gray 33 Posted March 31, 2022 Author Share Posted March 31, 2022 @MichalJ @Matus Thanks for your replies and detailed information. Yes, I missed the new V7 policies. I've configured those to mirror our existing V6 policies. The red warning dot no longer appears on the ESET icon. However, when opening the GUI, the Protection Status is red with a Security Alert that "Web and email protection is not configured." This was not the behavior in V6. In addition, though policy is configured to not report web and email status to server, EP Console flags the device with a critical error due to web and email not configured. Finally, it may be coincidence, but EEI agent on this system now shows as 'Malfunction'. "Installed but not running" Thanks again -I appreciate the info and assistance. Link to comment Share on other sites More sharing options...
Former ESET Employees Matus 21 Posted April 1, 2022 Former ESET Employees Share Posted April 1, 2022 Hi J, thanks for the reply. This "Security Alert that "Web and email protection is not configured."" in GUI should be fixable by by adjusting v7 policy: User Interface > Application statuses please disable : Network content filtering integration warnings. (left checkbox) Please can you confirm it works? "not report web and email status to server," - is the right checkbox unchecked from picture above? Enterprise Inspector supports ESET Endpoint AV for macOS 7+ from version 1.7, released a week ago. I think that you still have installed version 1.6, which has no support for Endpoint for macOS v7+. In such case, such message is present. Please can you confirm? Thank you j-gray 1 Link to comment Share on other sites More sharing options...
j-gray 33 Posted April 5, 2022 Author Share Posted April 5, 2022 @Matus Thanks again. Sorry for the delayed reply. Had to upgrade the EEI server so I could push the new EEI agent in order to test again. I'll push out a few new AV clients and report back shortly. Link to comment Share on other sites More sharing options...
j-gray 33 Posted April 7, 2022 Author Share Posted April 7, 2022 On 4/1/2022 at 1:10 AM, Matus said: Hi J, thanks for the reply. This "Security Alert that "Web and email protection is not configured."" in GUI should be fixable by by adjusting v7 policy: User Interface > Application statuses please disable : Network content filtering integration warnings. (left checkbox) Please can you confirm it works? "not report web and email status to server," - is the right checkbox unchecked from picture above? Enterprise Inspector supports ESET Endpoint AV for macOS 7+ from version 1.7, released a week ago. I think that you still have installed version 1.6, which has no support for Endpoint for macOS v7+. In such case, such message is present. Please can you confirm? Thank you @Matus I upgraded EEI server and connector and the connector no longer breaks when installing v7. I wasn't aware that this would be an issue. Also, I cleared the boxes for Network Content Filtering warnings. It now clears the warning condition from the EP console, but client GUI still show red. Any way to resolve this? Link to comment Share on other sites More sharing options...
Former ESET Employees Matus 21 Posted April 8, 2022 Former ESET Employees Share Posted April 8, 2022 Hi J-Gray, I'm very sorry, it's a bug. We're tracking it and plan to fix in version 7.1 (available most likely in May) Until that time you've 2 options which comes to my mind: - reboot computer so system popup will appear (or "sudo launchctl stop com.eset.protection" and then "sudo launchctl start com.eset.protection") and Allow Proxy configuration and you can keep it disabled. - or you'll have to approve it via MDM (Jamf): https://help.eset.com/eea_mac/7/en-US/installation.html?install_remote_pre-installation.html > part: Web access protection and keep it disabled in settings. Please accept my apology for inconvenience Peter Randziak and j-gray 2 Link to comment Share on other sites More sharing options...
j-gray 33 Posted April 8, 2022 Author Share Posted April 8, 2022 @Matus No worries. Thanks for confirming it as a known issue. Link to comment Share on other sites More sharing options...
Recommended Posts