Jump to content

Protections non functional after getting the nanos updates


Peri
Go to solution Solved by Marcos,

Recommended Posts

Greetings to all,

If someone can assist with the strange issue as per below it would be great,

I'm using EEA 10.0.2 and as an updating method I'm using the Level and Nanos updates. On a fresh installation, I apply the general levels update and everything goes well until the point that I deploy the next in sequence nano update.

For instance, I'm deploying first the level update  20221202_112001_dll64_levels.rar (size 86.6MB) and then when I'm applying the nanos 20221209_112001_dll64_nanos.rar (size 812kb) after sometime I'm getting errors as per attached.
HIPS non functional
IDS non functional
Web and email protocol non functional.
 
I've tried to enable/disable those services protection without success.
The device has been restarted several times without success.
 
PS1: the update is applied as you can see on the update image but the errors cannot be resolved.
PS2:  if the module gets the updates via internet, then all issues resolved.
 

Thanks in advance,

Peri

 

error1.JPG

eser version.JPG

update page.JPG

error1.JPG

Link to comment
Share on other sites

  • Administrators

Did you use the full module package and then applied the differential update files? If so, please open a support ticket as this would have to be tested by ESET personnel.

Link to comment
Share on other sites

Good day Marcos,

 

Thanks for the reply.

Yes, I have used the full package as you said and then I applied the nanos sequentially.. It seems that, there is an issue with the HIPS drivers as per attached.

I'm wondering how can I uninstall that particular driver. It might work. 

I/m already in contact with ESET support team but we're still working on that issue.

 

Thanks

Peri

logs.JPG

Link to comment
Share on other sites

  • Administrators

An important question, did you update Endpoint v10 from ESET's servers after installation and only then applied the micro update files?

Link to comment
Share on other sites

Good day Marcos,

No, the Endpoint hasn't been updated from ESET servers. Even for the activation, I've used an offline licence file.

Thanks,

Peri

Link to comment
Share on other sites

Hi Marcos,

The full installer worked fine!

I've been using the installers created directly from the eset protect console. Besides the obvious size difference, (the ones created from the protect installer are about 109MB), is there anything else that might affect?

I'm also looking for a full installer for the Windows server 2019. Is there any version or should I use?

 

Thanks for your support,

Peri

 

Link to comment
Share on other sites

  • Administrators

By the way, what is the reason why you use micro updates? Keep in mind that they should be used only on machines where Internet connection is too expensive (e.g. satellite connection on a ships). Using micro updates will cause that important protection modules like HIPS, Deep Behavioral Inspection module, etc. will not be updated and the machines won't be protected proactively against newly emerging threats as good as they could be if they were updated from ESET's servers or a local mirror.

Quote

I'm also looking for a full installer for the Windows server 2019. Is there any version or should I use?

ESET server security products are still distributed as full installers with all modules included.

Link to comment
Share on other sites

11 minutes ago, Marcos said:

By the way, what is the reason why you use micro updates? Keep in mind that they should be used only on machines where Internet connection is too expensive (e.g. satellite connection on a ships).

Bingo!! :-)

I have around 30 PCs across the fleet showing that behaviour and I've tried that on my personal laptop which showed the same behaviour before applying the solution to those affected PCs.

If I wont be able to resolve the issue, I will upload the full installer and rerun the installation.

Link to comment
Share on other sites

  • Administrators
4 minutes ago, Peri said:

I have around 30 PCs across the fleet showing that behaviour and I've tried that on my personal laptop which showed the same behaviour before applying the solution to those affected PCs.

Are those machines connected to the Internet via a satellite connection?

Link to comment
Share on other sites

Yes, but internet connectivity is very limited and allowed only to specific url's/ip's.

One of them is *.eset.* for licencing verification

Link to comment
Share on other sites

  • Administrators
9 minutes ago, Peri said:

Yes, but internet connectivity is very limited and allowed only to specific url's/ip's.

ESET HTTP proxy already limits the connectivity to ESET servers. If computers are completely offline but there is at least one machine with connectivity to ESET servers, you should create a local mirror using the Mirror tool and transfer the mirror to other machines, e.g. via a flash disk.

Micro updates should only be used basically on ships where the connectivity is too expensive. Otherwise you will sacrifice protection for no reason.

 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...