kapi9913 0 Posted March 8 Share Posted March 8 Hello guys. I'm new into eset. Im trying to configure basic policies that for example block selected website. It seems that I configured that correctly, but nothing works. Im sure that there isnt doubled policies or policy is not aplied. I checked everything. I work on ESET PROTECT and ESET ENDPOINT. I did policy that block usb pendrive and it worked so I dont know where is the problem in other policies. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,907 Posted March 8 Administrators Share Posted March 8 Please provide logs collected with ESET Log Collector from an endpoint where the url block doesn't work. Link to comment Share on other sites More sharing options...
kapi9913 0 Posted March 8 Author Share Posted March 8 I split the generated logs into two separate files because the file was too big ERA.zip Link to comment Share on other sites More sharing options...
kapi9913 0 Posted March 8 Author Share Posted March 8 Here is the second part of generated logs. Windows.zip Link to comment Share on other sites More sharing options...
Most Valued Members Nightowl 198 Posted March 8 Most Valued Members Share Posted March 8 Just a suggestion , since you blocked Polish language of Facebook , it might just re-direct to some other domain or english language Try blocking *.facebook.com Link to comment Share on other sites More sharing options...
kapi9913 0 Posted March 8 Author Share Posted March 8 It doesnt work. I guess there is a problem with aplying policies. I made a bunch of them and only one work- blocking removable devices. Should I remove my computer from dynamic group. Maybe this blocks policy from static group where I apply every policy that I made. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,907 Posted March 8 Administrators Share Posted March 8 I didn't find any issues with your configuration and using the very same Web Control rule worked for me. What about blocking a different website for a test? And what about blocking an http site? As for the suggestion above by Nightownl, try blocking just facebook.com since wildcards are not supported in Web Control rules. Does blocking the website via Web access protection -> Url management work? Link to comment Share on other sites More sharing options...
kapi9913 0 Posted March 8 Author Share Posted March 8 I added ip address of the website to the url management work and it doesnt work 😕 Link to comment Share on other sites More sharing options...
Administrators Marcos 4,907 Posted March 8 Administrators Share Posted March 8 Is eicar detected by Web access protection when you download it via https from https://secure.eicar.org/eicarcom2.zip? Does the problem persist even if you try to block the said hostname locally and not via a policy? Link to comment Share on other sites More sharing options...
kapi9913 0 Posted March 8 Author Share Posted March 8 Eicar is detected by endpoint but webaccess doesnt say anything. I guess there is a problem with connection between endpoint and eset protect. Link to comment Share on other sites More sharing options...
kapi9913 0 Posted March 8 Author Share Posted March 8 Maybe here is the problem. Should I remove computer from the dynamic group? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,907 Posted March 8 Administrators Share Posted March 8 To find out if the issue is policy related, please try what I suggested before: Does the problem persist even if you try to block the said hostname locally and not via a policy? Link to comment Share on other sites More sharing options...
kapi9913 0 Posted March 8 Author Share Posted March 8 I cant set it locally because I do not have password to ESET ENDPOINT. There is password reqiurment if you want to set the rule. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,907 Posted March 8 Administrators Share Posted March 8 If you are an administrator with access to ESET PROTECT, it should be you who set the password to protect settings. At least you should be able to create a policy for a particular endpoint that will temporarily remove password protection. Link to comment Share on other sites More sharing options...
kapi9913 0 Posted March 8 Author Share Posted March 8 Im one of the administrator. Can I check the password to the endpoint in the eset protect? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,907 Posted March 8 Administrators Share Posted March 8 You can't determine the password but you can create and enforce a policy that would either temporarily disable password protection set by another admin or enable override mode. Link to comment Share on other sites More sharing options...
kapi9913 0 Posted March 8 Author Share Posted March 8 I added this policy and it still requier password. It can be problem between endpoint and protect. But I dont know what exactly is going on. Link to comment Share on other sites More sharing options...
Administrators Marcos 4,907 Posted March 8 Administrators Share Posted March 8 I'm sorry, I was wrong with the override mode. Instead enforce a policy setting an empty password. After removing this policy, settings with be protected with the existing password again. Link to comment Share on other sites More sharing options...
Solution kapi9913 0 Posted March 8 Author Solution Share Posted March 8 It worked after I deleted static group and kept only dynamic group. Question is how can i exclude my computer from dynamic group called windows pc Link to comment Share on other sites More sharing options...
Recommended Posts