Jump to content

Recommended Posts

  • ESET Moderators
Posted

Dear Linux community, 

We are pleased to announce BETA availability of the version 10 of ESET Endpoint Antivirus for Linux.
As the feedback from real-life deployment is very important to ensure the high quality of our products, we would like to invite you to participate in this BETA program.

To mention just few of the new features and improvements:

  • Web access protection to scan HTTP and HTTPS communication
  • Advanced Machine Learning – a high-powered detection engine in the cloud
  • Detection level settings in Real-Time & Machine Learning protection
  • Added Direct cloud communication module to enable receiving instant notifications from various ESET services
  • Improve stability of the On-Access protection
  • Added support for RHEL 9 and Linux Mint 21
  • Added Ukrainian localization
  • Various under the hood improvements and fixes 


The installation binary is available at https://forum.eset.com/files/file/108-eea_10020/
As usually by joining the BETA program, you agree with the ESET BETA program agreement

The online help is available at https://help.eset.com/eeau/10/en-US/

Please open a new topic in this forum to share your feedback or to report an issue.
In case of any issues caused by the Web access protection, please capture the problematic communication via Wireshark and provide us with the packet capture to check.

We are looking forward to your participation and feedback provided.
Peter on behalf of the teams involved

  • Most Valued Members
Posted

I will give it a try , thank you.

Can I upgrade with my current license or I need a different kind of license?

  • ESET Moderators
Posted

Hello @Nightowl,

thank you for your interest in the BETA program participation.
The activations of the BETA build are not restricted, so your standard license will work.
In case you need one for the BETA testing, just drop me a private message.

Peter

  • Most Valued Members
Posted (edited)
1 hour ago, Peter Randziak said:

Hello @Nightowl,

thank you for your interest in the BETA program participation.
The activations of the BETA build are not restricted, so your standard license will work.
In case you need one for the BETA testing, just drop me a private message.

Peter

I would just use my current one, I will just upgrade ESET in my computer as v9 is already installed.

Thank you

Edited by Nightowl
  • Most Valued Members
Posted (edited)

For now ESET Protect still reads me as 9.1.4.0

I'm now like this :

image.png


Product name: ESET Endpoint Antivirus
Product version: 10.0.2.0
Operating system: Ubuntu 22.04
Machine: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz, 15680 MB RAM

Edit : I sent a request to upgrade Agent , and then Protect was able to read v10

 

2nd edit :

I think also the web protection is working

image.png

but I cannot test it right now , because firewall filters will catch before

 

There should be new settings added from ESET protect or it's same policy of before?

 

Edited by Nightowl
  • ESET Moderators
Posted

Hello @Nightowl,

thank you for trying it our and for the feedback provided.

5 hours ago, Nightowl said:

There should be new settings added from ESET protect or it's same policy of before?

Support for new features / settings will have to be added as usually, so they will be manageable from the management console.

Peter

  • Most Valued Members
Posted
9 minutes ago, Peter Randziak said:

Hello @Nightowl,

thank you for trying it our and for the feedback provided.

Support for new features / settings will have to be added as usually, so they will be manageable from the management console.

Peter

I can't manage to find the policy if I understood you right it will be added right?

Thank you also.

  • Most Valued Members
Posted

It seems that HTTPS filtering broke down FortiClient VPN application ,  I had to downgrade for now.

Posted (edited)

ESET PROTECT Essential On-Prem.

Upgraded to EEA_10.0.2.0 10.0.2.0  on a test machine.

Web access protection to scan HTTP and HTTPS communication blocks access to HTTP sites on a 192.168.1.0/24 network.

When I run: sudo systemctl stop eea.service, able to access the blocked websites.

When I run: sudo systemctl start eea.service, unable to access the blocked websites.

Downgraded back to 9.1.4.0.

Edited by azeu666
Posted (edited)

Peter Randziak  advised: "To mention just few of the new features and improvements."

Where is the changelog presenting all the new features and improvements?

The Beta version blocks Mullvad VPN 2023.3 for Linux with Wireguard Obfuscation set to UDP over TCP, and Quantun-resistant tunnel set to on.

Will the custom scan be integrated with the supported Linux file managers, thus eliminating the need to type the path?

Edited by azeu666
  • ESET Moderators
Posted
On 5/11/2023 at 2:22 PM, Nightowl said:

I can't manage to find the policy if I understood you right it will be added right?

If you mean the policy to mange the new settings i.e. those which were added in the version 10 only (i.e. are not available in the version 9), this is a BAU that those are being added later.

  • ESET Moderators
Posted

Hello @Nightowl nad @azeu666

On 5/12/2023 at 5:57 PM, Nightowl said:

It seems that HTTPS filtering broke down FortiClient VPN application ,  I had to downgrade for now.

 

On 5/12/2023 at 9:23 PM, azeu666 said:

Web access protection to scan HTTP and HTTPS communication blocks access to HTTP sites on a 192.168.1.0/24 network.

 

On 5/13/2023 at 8:39 AM, azeu666 said:

The Beta version blocks Mullvad VPN 2023.3 for Linux with Wireguard Obfuscation set to UDP over TCP, and Quantun-resistant tunnel set to on.

sad to hear that you face such issue, glad you reported it here in BETA program.

We would like to check it with the Dev team, please provide us with:
 

1. Diagnostics logs captured with the collector script https://help.eset.com/eeau/10/en-US/collect_logs.html 

please enable the diagnostics logging via a policy (as shown on the attached screenshot), reproduce the issue, collect the logs and revert the logging verbosity to the previous value. image.png

2. pair of Wireshark logs one with the protection enabled i.e. from a attempt when the connection fails due to traffic filtering and second from an attempt with the protection disabled so the connection succeeds so we can compare them

Once you have the diagnostics logs collected and the 2 Wireshark logs, please pack them to an archive, upload to a safe location and send me and @TomasP the download details so we can check it with the dev team.

Thank you in advance,
Peter

Posted
3 hours ago, Peter Randziak said:

Hello @Nightowl nad @azeu666

sad to hear that you face such issue, glad you reported it here in BETA program.

<cut>

please enable the diagnostics logging via a policy (as shown on the attached screenshot), reproduce the issue, collect the logs and revert the logging verbosity to the previous value.

 

 

As stated Friday, 12-05-2024 20:23, I have ESET PROTECT Essential On-Prem.  I am not running Eset Endpoint for Linux (V7+).

Posted

We too are in the process of downloading the build and checking out the new features.
I have one question, we have a test environment where we are getting modules from a mirror tool.

I am referring to the "ep10" folder since the EEAU version is 10, but the module has not been distributed and I am not able to update the module via the mirror tool.
Will this be distributed soon?

Sorry if I am posting to the wrong place.

  • Most Valued Members
Posted
14 hours ago, azeu666 said:

As stated Friday, 12-05-2024 20:23, I have ESET PROTECT Essential On-Prem.  I am not running Eset Endpoint for Linux (V7+).

It's just the name of the policy used to control Endpoint v10 from ESET Protect

17 hours ago, Peter Randziak said:

We would like to check it with the Dev team, please provide us with:

I will try to do this asap because I reverted to v9 , but mine can be reproduced just by having FortiClient VPN installed , and then install ESET v10 , FortiClient VPN will have a broken GUI after that. , removing ESET fixes FortiClient.

  • Administrators
Posted
23 minutes ago, Dai Tomiyama said:

I am referring to the "ep10" folder since the EEAU version is 10, but the module has not been distributed and I am not able to update the module via the mirror tool.

Will this be distributed soon?

Beta versions update from ESET beta server. The mirror tool is intended only for mirroring non-beta update files. Beta versions are not generally intended for massive deployment in networks.

  • Administrators
Posted
18 minutes ago, Nightowl said:

I will try to do this asap because I reverted to v9 , but mine can be reproduced just by having FortiClient VPN installed , and then install ESET v10 , FortiClient VPN will have a broken GUI after that. , removing ESET fixes FortiClient.

Did you try to create exceptions using application or certificate rules?

image.png

  • Most Valued Members
Posted
7 minutes ago, Marcos said:

Did you try to create exceptions using application or certificate rules?

image.png

Where I can find this options bro? and what I should change? maybe just turn off the scan for the VPN's port?

  • Administrators
Posted

 

2 minutes ago, Nightowl said:

Where I can find this options bro? and what I should change? maybe just turn off the scan for the VPN's port?

image.png

  • Most Valued Members
Posted
Just now, Marcos said:

 

image.png

It's weird when I had it installed , the policy was out-of-date , it didn't have options for Web Access Protection , I will try again when I get home.

  • Administrators
Posted
3 minutes ago, Nightowl said:

It's weird when I had it installed , the policy was out-of-date , it didn't have options for Web Access Protection , I will try again when I get home.

Should it not be there, please check the version of installed modules in Help -> About:

Update module    1080 (20230313)
Translation support module    1969 (20230427)
SysInspector module    1281.1 (20210407)
SSL module    1075 (20230504)
Push Notification Service module    1131.6 (20230426)
Configuration module    2066.3 (20230424)

Edit: The above Config. engine module is being released in small batches which is why you might not have received it yet. If you don't use the ESET PROTECT instance for managing production machines, you could switch to the pre-release update channel to get the latest module (a restart of the ESET PROTECT server service may be needed to force update).

  • Most Valued Members
Posted
21 minutes ago, Marcos said:

Should it not be there, please check the version of installed modules in Help -> About:

Update module    1080 (20230313)
Translation support module    1969 (20230427)
SysInspector module    1281.1 (20210407)
SSL module    1075 (20230504)
Push Notification Service module    1131.6 (20230426)
Configuration module    2066.3 (20230424)

Edit: The above Config. engine module is being released in small batches which is why you might not have received it yet. If you don't use the ESET PROTECT instance for managing production machines, you could switch to the pre-release update channel to get the latest module (a restart of the ESET PROTECT server service may be needed to force update).

Yes I manage through ESET Protect in Cloud , I will try again and report back.

  • ESET Moderators
Posted
On 5/13/2023 at 8:39 AM, azeu666 said:

Where is the changelog presenting all the new features and improvements?

A changelog will be available with the GA release, but it will more or less contain the same info.
The Web access protection is the top new feature, besides that the other improvements mentioned improve the security and usability of the product.

On 5/13/2023 at 8:39 AM, azeu666 said:

Will the custom scan be integrated with the supported Linux file managers, thus eliminating the need to type the path?

We have such in the backlog so we would like to bring it in the future releases...

  • ESET Moderators
Posted

Hello @azeu666,

17 hours ago, azeu666 said:

As stated Friday, 12-05-2024 20:23, I have ESET PROTECT Essential On-Prem.  I am not running Eset Endpoint for Linux (V7+).

The ESET PROTECT Essential On-Prem is a name of the bundle you bought to protect your company.

The "Eset Endpoint for Linux (V7+)." is the product deployed on the Linux workstations, note that this BETA program is for "ESET Endpoint Antivirus for Linux 10 BETA". 

As the dev team is interested in checking the report below

On 5/12/2023 at 9:23 PM, azeu666 said:

Web access protection to scan HTTP and HTTPS communication blocks access to HTTP sites on a 192.168.1.0/24 network.

can you please provide us with the requested logs to check it with them?

Thank you, Peter

Posted (edited)
49 minutes ago, Peter Randziak said:

Hello @azeu666,

The ESET PROTECT Essential On-Prem is a name of the bundle you bought to protect your company.

The "Eset Endpoint for Linux (V7+)." is the product deployed on the Linux workstations, note that this BETA program is for "ESET Endpoint Antivirus for Linux 10 BETA". 

As the dev team is interested in checking the report below

can you please provide us with the requested logs to check it with them?

Thank you, Peter

I am referring to: "please enable the diagnostics logging via a policy (as shown on the attached screenshot), reproduce the issue, collect the logs and revert the logging verbosity to the previous value. "

How am I to accomplish the above?

Edited by azeu666

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...