tesla 0 Posted June 23 Share Posted June 23 Hi all, its possible to configure policies, that they switch settings, depending on the which the endpoint is in ? Example: a Notebook is in the lokal LAN, with connection to the On-Prem ESET PROTECT Server -> Firewall is off the same Notebook is in a private LAN Network @ home, so no connection to the local On-Prem ESET Protect Server -> Firewall turns on Greeting from Germany Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,244 Posted June 23 Administrators Share Posted June 23 You can create dynamic groups for particular networks and assign specific policies to them: tesla 1 Quote Link to comment Share on other sites More sharing options...
tesla 0 Posted June 23 Author Share Posted June 23 Hi, thanks for the fast respont. I know the dyn. Groups, but lets say the Notebook is in the lokal Business Network and has connection to the On-Prem Protect Server, i can create a dyn. Group, wich the notebook joins when the network adapter has a IP Adresse from a configurated Subnet, so far so good. But if i take the same Notebook after my shift to my home and plugg it in my Homenetwork, then it cant be swapt out off the dyn. groupe for a policie change or ? Bc i have no connection to the On Prem. Server. The idea is: we have a couple of Notebooks here, a big network with 1XXX Endpoints, X0 Networks/Subnets, 1 On-Prem Protect Server. As long the Notebook is the company Network, the Firewall is offline (we use medical Equipment and so on), but if the employee take the Notebook on a Business Trip (Airport as example) or for Homeoffice, the Firewall should be turned on (then they use only RDP on any off the Terminal Servers). its thats even possible ? Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 4,244 Posted June 23 Administrators Share Posted June 23 It would work even when roaming with the notebook because polices as well as a list of dynamic groups and the appropriate DG expressions are received by agent when connecting to the ESET PROTECT server and therefore DG work even offline when a connection to the ESET PROTECT server isn't available. The membership in DG is evaluated on clients by the managing agent. tesla 1 Quote Link to comment Share on other sites More sharing options...
tesla 0 Posted June 23 Author Share Posted June 23 okay , i will try. Thank you Quote Link to comment Share on other sites More sharing options...
tesla 0 Posted June 24 Author Share Posted June 24 Hi, me again. The policie and the evaluation works, thanks again. But i have a question, it is possible for a DG Group Template to have a Expression with a value "connected to a ESET Protect Server yes/no" or im totally blind today Greetings Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.