Jump to content

Firewall rules from policy in Installer are added as "local" rules


Recommended Posts

I created a company wide policy in Protect and it's applied to every PC With Endpoint Security. I has many different setting, one of them are few firewall rules. I also created custom installer and in "Security Product -> Configuration policy" I selected that policy for installer. When I use that installer to install ESET, then everything from this policy is applied as intended, but those firewall rules are added as local rules, and when that ESET connects and grabs policy settings from Protect, then we end up with duplicate rules, one set from local and one set from policy.

1. Is this intended behavior?

2. Can I somehow remove local rules remotely?

I have 100+ computers, I really don't want to remove them manually .

Link to comment
Share on other sites

  • Administrators

1, Yes, that's by design.

2, You can replace replace local settings by a policy:

image.png

Link to comment
Share on other sites

Is there a way to create report of local rules from every computer ? Because I added some rules on some PC and I don't want to remove them by overwriting, so I will need to add them using another policy first.

Link to comment
Share on other sites

  • Administrators

No, it's not possible to export the configuration tree into Word or pdf files for a review.

Link to comment
Share on other sites

Posted (edited)

You reminded me of "Request Configuration". I can manually request configuration on every PC, it will be tedious but still better than manually checking every PC. I checked and it shows both local andpolicy firewall rules (although on one list without knowing what is what, but that's not a problem).

Edited by kapela86
Link to comment
Share on other sites

  • ESET Staff
On 4/28/2022 at 2:24 PM, kapela86 said:

You reminded me of "Request Configuration". I can manually request configuration on every PC, it will be tedious but still better than manually checking every PC. I checked and it shows both local andpolicy firewall rules (although on one list without knowing what is what, but that's not a problem).

If it helps, it should be possible to request configuration from all devices using one task (manually created, even with limitation to export only configuration of security product) but be careful that depending on size of such configuration, it might generate network traffic and it might increase database size, especially when executed repeatedly in larger environments.
But regardless of that, inspection of rules will have to be made manually.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...