Jump to content

ESET PROTECT Error state when pre-boot auth disabled.


Recommended Posts

Posted

Hi all,
I've got a customer site who uses ESET PROTECT Complete, and they can't have pre-boot auth enabled in their environment.

All fine and good to disable it via policy in ESET PROTECT Cloud, but problem is, the systems with the pre-boot auth disabled turn red signifying an Error state. Not good when it comes to auditing the security of the environment, especially since this is an intended action.

Anyone have a way to change the threshold for what qualifies as an "Error"? Essentially, we need a way to acknowledge the fact that pre-boot auth has been disabled, and set the state to OK even though it is disabled.

Thanks!
Robbie Ferguson

  • ESET Staff
Posted

Hi Robbie,

Yes there is a way to disable this alert being shown with the Protect console and on the EFDE client. Within the Full Disk Encryption policy there is a User Interface section, within this you have a option called Application statuses, click the edit button and uncheck FDE Authentication is currently disabled. This should remove the status being shown within the console. I have attached a screenshot of this setting. There is also a knowledgebase article regarding this setting although it's not specific to EFDE - https://support.eset.com/en/kb8261-disable-application-statuses-in-eset-protect

However I would like to make you aware, the option to turn off/on FDE authentication was not intended to be turned off indefinitely. The function is to aid user/administrators when the system needs to rebooted without interruption, such as when performing software updates to make the process easier or with remote management tools.

When pre-boot authentication is disabled, you are very much relying on the Windows login screen for security. However your data at rest is still encrypted when the machine is turned off.

I would advise against having pre-boot authentication turned off indefinitely as it does make the system less secure.

Kind regards,

Ashley

TurnoffAuthStatus.png

Posted

Fantastic - thank you so very much Ashley! I'll let the customer know.

Robbie

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...