tesla 0 Posted June 23, 2022 Share Posted June 23, 2022 Hi all, its possible to configure policies, that they switch settings, depending on the which the endpoint is in ? Example: a Notebook is in the lokal LAN, with connection to the On-Prem ESET PROTECT Server -> Firewall is off the same Notebook is in a private LAN Network @ home, so no connection to the local On-Prem ESET Protect Server -> Firewall turns on Greeting from Germany Link to comment Share on other sites More sharing options...
Administrators Marcos 4,919 Posted June 23, 2022 Administrators Share Posted June 23, 2022 You can create dynamic groups for particular networks and assign specific policies to them: tesla 1 Link to comment Share on other sites More sharing options...
tesla 0 Posted June 23, 2022 Author Share Posted June 23, 2022 Hi, thanks for the fast respont. I know the dyn. Groups, but lets say the Notebook is in the lokal Business Network and has connection to the On-Prem Protect Server, i can create a dyn. Group, wich the notebook joins when the network adapter has a IP Adresse from a configurated Subnet, so far so good. But if i take the same Notebook after my shift to my home and plugg it in my Homenetwork, then it cant be swapt out off the dyn. groupe for a policie change or ? Bc i have no connection to the On Prem. Server. The idea is: we have a couple of Notebooks here, a big network with 1XXX Endpoints, X0 Networks/Subnets, 1 On-Prem Protect Server. As long the Notebook is the company Network, the Firewall is offline (we use medical Equipment and so on), but if the employee take the Notebook on a Business Trip (Airport as example) or for Homeoffice, the Firewall should be turned on (then they use only RDP on any off the Terminal Servers). its thats even possible ? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,919 Posted June 23, 2022 Administrators Share Posted June 23, 2022 It would work even when roaming with the notebook because polices as well as a list of dynamic groups and the appropriate DG expressions are received by agent when connecting to the ESET PROTECT server and therefore DG work even offline when a connection to the ESET PROTECT server isn't available. The membership in DG is evaluated on clients by the managing agent. tesla 1 Link to comment Share on other sites More sharing options...
tesla 0 Posted June 23, 2022 Author Share Posted June 23, 2022 okay , i will try. Thank you Link to comment Share on other sites More sharing options...
tesla 0 Posted June 24, 2022 Author Share Posted June 24, 2022 Hi, me again. The policie and the evaluation works, thanks again. But i have a question, it is possible for a DG Group Template to have a Expression with a value "connected to a ESET Protect Server yes/no" or im totally blind today Greetings Link to comment Share on other sites More sharing options...
Recommended Posts