Jump to content

Customize what qualifies as Security Alert in Dashboard


Go to solution Solved by Marcos,

Recommended Posts

Howdie all 🙂

 

in the process of setting up HO protection for our Users. 

One of the compromises we have to do is a setup with minimal protection. That includes no anti-phishing, ransom-ware, etc protection.

Our Users wanting to risk their private computers is their choice. As long as it doesnt affect Office Network Security too severly.

Creating policy for it and deploying it worked like a charm.

 

But now all those minimal config Clients show up under "Security risks" in the dashboard. 

They need to disappear from there or we will miss Security risks we don't know about.

 

They are in their own group. So Ideally, we need to remove "Antiphishing not activated" for this group only.

 

But all I found is "mute" the given computers. Which I assume just means. All security risk notifications would be deactivated...

 

if anybody could point me the right direction for configuring what Issues qualify for what group to show up in Dashboard under Security risk. We would be most grateful...

 

cheers

Link to comment
Share on other sites

  • Administrators

I am sorry but what is installing an antivirus with disabled antivirus protection good for? Isn't it better then to not install it at all? Please explain since it doesn't make much sense.

Link to comment
Share on other sites

Quote

I am sorry but what is installing an antivirus with disabled antivirus protection good for? Isn't it better then to not install it at all? Please explain since it doesn't make much sense.

 

Phishing attempt is not quite the same as a virus or a trojan. (nor is spam detection for that matter; or firewall) and your colleagues at development seem to be able to see the sense. Which is, I guess at least,  why they added the option in policies to disable these parts...

 

so please cut the snark. It's quite frankly unprofessional and rude and reflects badly on your employer...

 

As for "explain since it doesnt make sense".

System A with antivirus, scans (mem and disk) IDS, process hardening, analytics and quite  a few other features, but not antiphishing.

Versus System B with no  protection at all...

Well to me they are not the same at all from a security stand point. Maybe you explain to me why they are the same? As that seems to be your point with "Isn't it better then to not install it at all?"

Link to comment
Share on other sites

  • Administrators
  • Solution

I'm sorry if it was offensive to you, it was definitely not intended. I had to ask for more information first since you didn't mention only antiphishing but also other protection features:

Quote

That includes no anti-phishing, ransom-ware, etc protection.

As for not being notified about disabled antiphishing, you can disable the antiphishing-related application statuses via a policy:

image.png

Link to comment
Share on other sites

Posted (edited)
41 minutes ago, Marcos said:

I'm sorry if it was offensive to you, it was definitely not intended. I had to ask for more information first since you didn't mention only antiphishing but also other protection features:

As for not being notified about disabled antiphishing, you can disable the antiphishing-related application statuses via a policy:

image.png

No offense taken if it wasn't intended 🙂

 

That totally did the trick. Thank you!

To be honest should have connected "Application statuses" with what I wanted myself. I guess I just took "Send" to mean via Email as can be configured elsewhere 🙂  Still learning the ropes...

 

Marked your post as the answer to my question 🙂

Edited by remosito
Link to comment
Share on other sites

  • Administrators

Show means to display the protection status on the client while Send means to report it to ESET PROTECT.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...