Jump to content

Recommended Posts

Posted

Hello guys. I'm new into eset. Im trying to configure basic policies that for example block selected website. It seems that I configured that correctly, but nothing works. Im sure that there isnt doubled policies or policy is not aplied. I checked everything. I work on ESET PROTECT and ESET ENDPOINT. I did policy that block usb pendrive and it worked so I dont know where is the problem in other policies.

Zrzut ekranu 2023-03-08 072630.png

Zrzut ekranu 2023-03-08 072708.png

Posted

I split the generated logs into two separate files because the file was too big

ERA.zip

  • Most Valued Members
Posted

Just a suggestion , since you blocked Polish language of Facebook , it might just re-direct to some other domain or english language

Try blocking *.facebook.com

Posted

It doesnt work. I guess there is a problem with aplying policies. I  made a bunch of them and only one work- blocking removable devices. Should I remove my computer from dynamic group. Maybe this blocks policy from static group where I apply every policy that I made.

  • Administrators
Posted

I didn't find any issues with your configuration and using the very same Web Control rule worked for me. What about blocking a different website for a test? And what about blocking an http site? As for the suggestion above by Nightownl, try blocking just facebook.com since wildcards are not supported in Web Control rules.

Does blocking the website via Web access protection -> Url management work?

Posted

I added ip address of the website to the url management work and it doesnt work 😕 

  • Administrators
Posted

Is eicar detected by Web access protection when you download it via https from https://secure.eicar.org/eicarcom2.zip?

Does the problem persist even if you try to block the said hostname locally and not via a policy?

Posted

Eicar is detected by endpoint but webaccess doesnt say anything. I guess there is a problem with connection between endpoint and eset protect.

Posted

Maybe here is the problem. Should I remove computer from the dynamic group?

Zrzut ekranu 2023-03-08 083845.png

  • Administrators
Posted

To find out if the issue is policy related, please try what I suggested before:

Does the problem persist even if you try to block the said hostname locally and not via a policy?

Posted

I cant set it locally because I do not have password to ESET ENDPOINT. There is password reqiurment if you want to set the rule.

  • Administrators
Posted

If you are an administrator with access to ESET PROTECT, it should be you who set the password to protect settings.

At least you should be able to create a policy for a particular endpoint that will temporarily remove password protection.

Posted

Im one of the administrator. Can I check the password to the endpoint in the eset protect?

  • Administrators
Posted

You can't determine the password but you can create and enforce a policy that would either temporarily disable password protection set by another admin or enable override mode.

image.png

Posted

I added this policy and it still requier password. It can be problem between endpoint and protect. But I dont know what exactly is going on.

Zrzut ekranu 2023-03-08 100631.png

Zrzut ekranu 2023-03-08 100738.png

  • Administrators
Posted

I'm sorry, I was wrong with the override mode. Instead enforce a policy setting an empty password. After removing this policy, settings with be protected with the existing password again.

image.png

  • Solution
Posted

It worked after I deleted static group and kept only dynamic group. Question is how can i exclude my computer from dynamic group called windows pc

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...