BaldNerd 3 Posted July 22, 2022 Posted July 22, 2022 Hi all, I've got a customer site who uses ESET PROTECT Complete, and they can't have pre-boot auth enabled in their environment. All fine and good to disable it via policy in ESET PROTECT Cloud, but problem is, the systems with the pre-boot auth disabled turn red signifying an Error state. Not good when it comes to auditing the security of the environment, especially since this is an intended action. Anyone have a way to change the threshold for what qualifies as an "Error"? Essentially, we need a way to acknowledge the fact that pre-boot auth has been disabled, and set the state to OK even though it is disabled. Thanks! Robbie Ferguson
ESET Staff AAndrejko 14 Posted July 25, 2022 ESET Staff Posted July 25, 2022 Hi Robbie, Yes there is a way to disable this alert being shown with the Protect console and on the EFDE client. Within the Full Disk Encryption policy there is a User Interface section, within this you have a option called Application statuses, click the edit button and uncheck FDE Authentication is currently disabled. This should remove the status being shown within the console. I have attached a screenshot of this setting. There is also a knowledgebase article regarding this setting although it's not specific to EFDE - https://support.eset.com/en/kb8261-disable-application-statuses-in-eset-protect However I would like to make you aware, the option to turn off/on FDE authentication was not intended to be turned off indefinitely. The function is to aid user/administrators when the system needs to rebooted without interruption, such as when performing software updates to make the process easier or with remote management tools. When pre-boot authentication is disabled, you are very much relying on the Windows login screen for security. However your data at rest is still encrypted when the machine is turned off. I would advise against having pre-boot authentication turned off indefinitely as it does make the system less secure. Kind regards, Ashley
BaldNerd 3 Posted July 25, 2022 Author Posted July 25, 2022 Fantastic - thank you so very much Ashley! I'll let the customer know. Robbie
Recommended Posts