Jump to content

Firewall rules from policy in Installer are added as "local" rules


Recommended Posts

I created a company wide policy in Protect and it's applied to every PC With Endpoint Security. I has many different setting, one of them are few firewall rules. I also created custom installer and in "Security Product -> Configuration policy" I selected that policy for installer. When I use that installer to install ESET, then everything from this policy is applied as intended, but those firewall rules are added as local rules, and when that ESET connects and grabs policy settings from Protect, then we end up with duplicate rules, one set from local and one set from policy.

1. Is this intended behavior?

2. Can I somehow remove local rules remotely?

I have 100+ computers, I really don't want to remove them manually .

Link to comment
Share on other sites

  • Administrators

1, Yes, that's by design.

2, You can replace replace local settings by a policy:

image.png

Link to comment
Share on other sites

Is there a way to create report of local rules from every computer ? Because I added some rules on some PC and I don't want to remove them by overwriting, so I will need to add them using another policy first.

Link to comment
Share on other sites

  • Administrators

No, it's not possible to export the configuration tree into Word or pdf files for a review.

Link to comment
Share on other sites

Posted (edited)

You reminded me of "Request Configuration". I can manually request configuration on every PC, it will be tedious but still better than manually checking every PC. I checked and it shows both local andpolicy firewall rules (although on one list without knowing what is what, but that's not a problem).

Edited by kapela86
Link to comment
Share on other sites

  • ESET Staff
On 4/28/2022 at 2:24 PM, kapela86 said:

You reminded me of "Request Configuration". I can manually request configuration on every PC, it will be tedious but still better than manually checking every PC. I checked and it shows both local andpolicy firewall rules (although on one list without knowing what is what, but that's not a problem).

If it helps, it should be possible to request configuration from all devices using one task (manually created, even with limitation to export only configuration of security product) but be careful that depending on size of such configuration, it might generate network traffic and it might increase database size, especially when executed repeatedly in larger environments.
But regardless of that, inspection of rules will have to be made manually.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...