ESET Moderators Peter Randziak 1,186 Posted May 9, 2023 ESET Moderators Posted May 9, 2023 Dear Linux community, We are pleased to announce BETA availability of the version 10 of ESET Endpoint Antivirus for Linux. As the feedback from real-life deployment is very important to ensure the high quality of our products, we would like to invite you to participate in this BETA program. To mention just few of the new features and improvements: Web access protection to scan HTTP and HTTPS communication Advanced Machine Learning – a high-powered detection engine in the cloud Detection level settings in Real-Time & Machine Learning protection Added Direct cloud communication module to enable receiving instant notifications from various ESET services Improve stability of the On-Access protection Added support for RHEL 9 and Linux Mint 21 Added Ukrainian localization Various under the hood improvements and fixes The installation binary is available at https://forum.eset.com/files/file/108-eea_10020/ As usually by joining the BETA program, you agree with the ESET BETA program agreement The online help is available at https://help.eset.com/eeau/10/en-US/ Please open a new topic in this forum to share your feedback or to report an issue. In case of any issues caused by the Web access protection, please capture the problematic communication via Wireshark and provide us with the packet capture to check. We are looking forward to your participation and feedback provided. Peter on behalf of the teams involved Quote
Most Valued Members Nightowl 206 Posted May 10, 2023 Most Valued Members Posted May 10, 2023 I will give it a try , thank you. Can I upgrade with my current license or I need a different kind of license? Quote
ESET Moderators Peter Randziak 1,186 Posted May 10, 2023 Author ESET Moderators Posted May 10, 2023 Hello @Nightowl, thank you for your interest in the BETA program participation. The activations of the BETA build are not restricted, so your standard license will work. In case you need one for the BETA testing, just drop me a private message. Peter Quote
Most Valued Members Nightowl 206 Posted May 10, 2023 Most Valued Members Posted May 10, 2023 (edited) 1 hour ago, Peter Randziak said: Hello @Nightowl, thank you for your interest in the BETA program participation. The activations of the BETA build are not restricted, so your standard license will work. In case you need one for the BETA testing, just drop me a private message. Peter I would just use my current one, I will just upgrade ESET in my computer as v9 is already installed. Thank you Edited May 10, 2023 by Nightowl Peter Randziak 1 Quote
Most Valued Members Nightowl 206 Posted May 11, 2023 Most Valued Members Posted May 11, 2023 (edited) For now ESET Protect still reads me as 9.1.4.0 I'm now like this : Product name: ESET Endpoint Antivirus Product version: 10.0.2.0 Operating system: Ubuntu 22.04 Machine: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz, 15680 MB RAM Edit : I sent a request to upgrade Agent , and then Protect was able to read v10 2nd edit : I think also the web protection is working but I cannot test it right now , because firewall filters will catch before There should be new settings added from ESET protect or it's same policy of before? Edited May 11, 2023 by Nightowl Quote
ESET Moderators Peter Randziak 1,186 Posted May 11, 2023 Author ESET Moderators Posted May 11, 2023 Hello @Nightowl, thank you for trying it our and for the feedback provided. 5 hours ago, Nightowl said: There should be new settings added from ESET protect or it's same policy of before? Support for new features / settings will have to be added as usually, so they will be manageable from the management console. Peter Quote
Most Valued Members Nightowl 206 Posted May 11, 2023 Most Valued Members Posted May 11, 2023 9 minutes ago, Peter Randziak said: Hello @Nightowl, thank you for trying it our and for the feedback provided. Support for new features / settings will have to be added as usually, so they will be manageable from the management console. Peter I can't manage to find the policy if I understood you right it will be added right? Thank you also. Quote
Most Valued Members Nightowl 206 Posted May 12, 2023 Most Valued Members Posted May 12, 2023 It seems that HTTPS filtering broke down FortiClient VPN application , I had to downgrade for now. Quote
azeu666 2 Posted May 12, 2023 Posted May 12, 2023 (edited) ESET PROTECT Essential On-Prem. Upgraded to EEA_10.0.2.0 10.0.2.0 on a test machine. Web access protection to scan HTTP and HTTPS communication blocks access to HTTP sites on a 192.168.1.0/24 network. When I run: sudo systemctl stop eea.service, able to access the blocked websites. When I run: sudo systemctl start eea.service, unable to access the blocked websites. Downgraded back to 9.1.4.0. Edited May 12, 2023 by azeu666 Quote
azeu666 2 Posted May 13, 2023 Posted May 13, 2023 (edited) Peter Randziak advised: "To mention just few of the new features and improvements." Where is the changelog presenting all the new features and improvements? The Beta version blocks Mullvad VPN 2023.3 for Linux with Wireguard Obfuscation set to UDP over TCP, and Quantun-resistant tunnel set to on. Will the custom scan be integrated with the supported Linux file managers, thus eliminating the need to type the path? Edited May 13, 2023 by azeu666 Quote
ESET Moderators Peter Randziak 1,186 Posted May 15, 2023 Author ESET Moderators Posted May 15, 2023 On 5/11/2023 at 2:22 PM, Nightowl said: I can't manage to find the policy if I understood you right it will be added right? If you mean the policy to mange the new settings i.e. those which were added in the version 10 only (i.e. are not available in the version 9), this is a BAU that those are being added later. Quote
ESET Moderators Peter Randziak 1,186 Posted May 15, 2023 Author ESET Moderators Posted May 15, 2023 Hello @Nightowl nad @azeu666 On 5/12/2023 at 5:57 PM, Nightowl said: It seems that HTTPS filtering broke down FortiClient VPN application , I had to downgrade for now. On 5/12/2023 at 9:23 PM, azeu666 said: Web access protection to scan HTTP and HTTPS communication blocks access to HTTP sites on a 192.168.1.0/24 network. On 5/13/2023 at 8:39 AM, azeu666 said: The Beta version blocks Mullvad VPN 2023.3 for Linux with Wireguard Obfuscation set to UDP over TCP, and Quantun-resistant tunnel set to on. sad to hear that you face such issue, glad you reported it here in BETA program. We would like to check it with the Dev team, please provide us with: 1. Diagnostics logs captured with the collector script https://help.eset.com/eeau/10/en-US/collect_logs.html please enable the diagnostics logging via a policy (as shown on the attached screenshot), reproduce the issue, collect the logs and revert the logging verbosity to the previous value. 2. pair of Wireshark logs one with the protection enabled i.e. from a attempt when the connection fails due to traffic filtering and second from an attempt with the protection disabled so the connection succeeds so we can compare them Once you have the diagnostics logs collected and the 2 Wireshark logs, please pack them to an archive, upload to a safe location and send me and @TomasP the download details so we can check it with the dev team. Thank you in advance, Peter Quote
azeu666 2 Posted May 15, 2023 Posted May 15, 2023 3 hours ago, Peter Randziak said: Hello @Nightowl nad @azeu666 sad to hear that you face such issue, glad you reported it here in BETA program. <cut> please enable the diagnostics logging via a policy (as shown on the attached screenshot), reproduce the issue, collect the logs and revert the logging verbosity to the previous value. As stated Friday, 12-05-2024 20:23, I have ESET PROTECT Essential On-Prem. I am not running Eset Endpoint for Linux (V7+). Quote
Dai Tomiyama 1 Posted May 16, 2023 Posted May 16, 2023 We too are in the process of downloading the build and checking out the new features. I have one question, we have a test environment where we are getting modules from a mirror tool. I am referring to the "ep10" folder since the EEAU version is 10, but the module has not been distributed and I am not able to update the module via the mirror tool. Will this be distributed soon? Sorry if I am posting to the wrong place. Quote
Most Valued Members Nightowl 206 Posted May 16, 2023 Most Valued Members Posted May 16, 2023 14 hours ago, azeu666 said: As stated Friday, 12-05-2024 20:23, I have ESET PROTECT Essential On-Prem. I am not running Eset Endpoint for Linux (V7+). It's just the name of the policy used to control Endpoint v10 from ESET Protect 17 hours ago, Peter Randziak said: We would like to check it with the Dev team, please provide us with: I will try to do this asap because I reverted to v9 , but mine can be reproduced just by having FortiClient VPN installed , and then install ESET v10 , FortiClient VPN will have a broken GUI after that. , removing ESET fixes FortiClient. Peter Randziak 1 Quote
Administrators Marcos 5,468 Posted May 16, 2023 Administrators Posted May 16, 2023 23 minutes ago, Dai Tomiyama said: I am referring to the "ep10" folder since the EEAU version is 10, but the module has not been distributed and I am not able to update the module via the mirror tool. Will this be distributed soon? Beta versions update from ESET beta server. The mirror tool is intended only for mirroring non-beta update files. Beta versions are not generally intended for massive deployment in networks. Quote
Administrators Marcos 5,468 Posted May 16, 2023 Administrators Posted May 16, 2023 18 minutes ago, Nightowl said: I will try to do this asap because I reverted to v9 , but mine can be reproduced just by having FortiClient VPN installed , and then install ESET v10 , FortiClient VPN will have a broken GUI after that. , removing ESET fixes FortiClient. Did you try to create exceptions using application or certificate rules? Quote
Most Valued Members Nightowl 206 Posted May 16, 2023 Most Valued Members Posted May 16, 2023 7 minutes ago, Marcos said: Did you try to create exceptions using application or certificate rules? Where I can find this options bro? and what I should change? maybe just turn off the scan for the VPN's port? Quote
Administrators Marcos 5,468 Posted May 16, 2023 Administrators Posted May 16, 2023 2 minutes ago, Nightowl said: Where I can find this options bro? and what I should change? maybe just turn off the scan for the VPN's port? Quote
Most Valued Members Nightowl 206 Posted May 16, 2023 Most Valued Members Posted May 16, 2023 Just now, Marcos said: It's weird when I had it installed , the policy was out-of-date , it didn't have options for Web Access Protection , I will try again when I get home. Quote
Administrators Marcos 5,468 Posted May 16, 2023 Administrators Posted May 16, 2023 3 minutes ago, Nightowl said: It's weird when I had it installed , the policy was out-of-date , it didn't have options for Web Access Protection , I will try again when I get home. Should it not be there, please check the version of installed modules in Help -> About: Update module 1080 (20230313)Translation support module 1969 (20230427) SysInspector module 1281.1 (20210407) SSL module 1075 (20230504) Push Notification Service module 1131.6 (20230426)Configuration module 2066.3 (20230424) Edit: The above Config. engine module is being released in small batches which is why you might not have received it yet. If you don't use the ESET PROTECT instance for managing production machines, you could switch to the pre-release update channel to get the latest module (a restart of the ESET PROTECT server service may be needed to force update). Peter Randziak 1 Quote
Most Valued Members Nightowl 206 Posted May 16, 2023 Most Valued Members Posted May 16, 2023 21 minutes ago, Marcos said: Should it not be there, please check the version of installed modules in Help -> About: Update module 1080 (20230313)Translation support module 1969 (20230427) SysInspector module 1281.1 (20210407) SSL module 1075 (20230504) Push Notification Service module 1131.6 (20230426)Configuration module 2066.3 (20230424) Edit: The above Config. engine module is being released in small batches which is why you might not have received it yet. If you don't use the ESET PROTECT instance for managing production machines, you could switch to the pre-release update channel to get the latest module (a restart of the ESET PROTECT server service may be needed to force update). Yes I manage through ESET Protect in Cloud , I will try again and report back. Quote
ESET Moderators Peter Randziak 1,186 Posted May 16, 2023 Author ESET Moderators Posted May 16, 2023 On 5/13/2023 at 8:39 AM, azeu666 said: Where is the changelog presenting all the new features and improvements? A changelog will be available with the GA release, but it will more or less contain the same info. The Web access protection is the top new feature, besides that the other improvements mentioned improve the security and usability of the product. On 5/13/2023 at 8:39 AM, azeu666 said: Will the custom scan be integrated with the supported Linux file managers, thus eliminating the need to type the path? We have such in the backlog so we would like to bring it in the future releases... Quote
ESET Moderators Peter Randziak 1,186 Posted May 16, 2023 Author ESET Moderators Posted May 16, 2023 Hello @azeu666, 17 hours ago, azeu666 said: As stated Friday, 12-05-2024 20:23, I have ESET PROTECT Essential On-Prem. I am not running Eset Endpoint for Linux (V7+). The ESET PROTECT Essential On-Prem is a name of the bundle you bought to protect your company. The "Eset Endpoint for Linux (V7+)." is the product deployed on the Linux workstations, note that this BETA program is for "ESET Endpoint Antivirus for Linux 10 BETA". As the dev team is interested in checking the report below On 5/12/2023 at 9:23 PM, azeu666 said: Web access protection to scan HTTP and HTTPS communication blocks access to HTTP sites on a 192.168.1.0/24 network. can you please provide us with the requested logs to check it with them? Thank you, Peter Quote
azeu666 2 Posted May 16, 2023 Posted May 16, 2023 (edited) 49 minutes ago, Peter Randziak said: Hello @azeu666, The ESET PROTECT Essential On-Prem is a name of the bundle you bought to protect your company. The "Eset Endpoint for Linux (V7+)." is the product deployed on the Linux workstations, note that this BETA program is for "ESET Endpoint Antivirus for Linux 10 BETA". As the dev team is interested in checking the report below can you please provide us with the requested logs to check it with them? Thank you, Peter I am referring to: "please enable the diagnostics logging via a policy (as shown on the attached screenshot), reproduce the issue, collect the logs and revert the logging verbosity to the previous value. " How am I to accomplish the above? Edited May 16, 2023 by azeu666 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.