Jump to content

Default Policies for Endpoint (Windows, Linux, macOS)


Recommended Posts

We are trying to figure out what the official default policies are for the ESET Endpoint products.

Starting with Windows, we are using the ESET Endpoint Security client software, and some of our PCs have 4 applied policies:

image.thumb.png.d1d0980903d04c2e104ee32db64e97e8.png

While other PCs have 3 applied policies:

image.thumb.png.da9392ff4c3e632f369ab0d433fbfe34.png

Meanwhile, these are the policies offered by ESET Protect:

image.thumb.png.91a64a137bce476757ffdfca7a020265.png

And this one is listed under Custom policies:

image.thumb.png.39e57031ed2027cc48fb6d55e2d4c2d0.png

Which of these policies is currently the official default for ESET Security Endpoint on Windows?

Edited by eab
Link to comment
Share on other sites

  • Administrators

The only policy applied by default is the auto-update policy. Here is a screenshot taken from a freshly deployed virtual appliance:

image.png

Link to comment
Share on other sites

Posted (edited)

Are you using the same client software? (we are using ESET Endpoint Security 11)
If so, why is it that we have this 'Common features' policy set by default? 

And, as you can see in the screenshots, we don't even have any 'Auto-updates' policy. 🤷‍♂️

What's even more bewildering is that the 'Common features' policy shows on the PC info (screenshots above) as being disabled (grayed out) with the status 'Product not installed'. 

Edited by eab
Link to comment
Share on other sites

  • Administrators

I assume that the default auto-update policy was unassigned from the All group and then a new auto-update policy was created by an administrator and assigned to "All" like in my test case (I didn't unassign the default policy, hence there are two):

image.png

Also the lable "Product not installed" is a known visual bug which occurs when you manually add a common features policy. The default auto-update policy displays "Actual" in the Status column.

Link to comment
Share on other sites

Posted (edited)

This is really confusing. I never manually set this 'Common features' policy, and I cannot locate any policy named 'Auto-updates' either.

We used to host ESET Protect on-site, and then we migrated to the Cloud-based ESET Protect.

Is there any way to completely reset all policies to the "default"/"original" state? 

The only official documentation containing a list of policies for Windows ESET Endpoint Security that I can find is this one for on-prem ESET Protect: https://help.eset.com/ees/11/en-US/how_apply_policy.html?how_apply_policy.html

... and it doesn't say anything about an anto-update or 'common features' policy.

It seems like 'Common features' is not even a policy, but a policy group.

image.thumb.png.41711e4ea56270d4a0437f6be9664f69.png

All policies inside are locked with 'Managed by ESET Protect' appearing when you hover over with the mouse cursor.

Only the very first one, 'Enable product auto-update', is assigned, and it's assigned to the 'All' computer group. This must be the equivalent of your 'Auto-updates' policy.

 
Edited by eab
Link to comment
Share on other sites

  • Administrators

I've checked ESET PROTECT and it uses the very same default policy. Other policies must have been selected from the list of built-in policies and assigned to groups or clients. It is possible that the audit log contains information about changes in policy assignments.

image.png

Link to comment
Share on other sites

Posted (edited)

The only difference seems to be the 'Policy Product' name - you have 'Auto-updates' and I have 'Common features'. The 'Policy Name' is identical.

This is what the settings for my 'Enable product auto-update' policy looks like:

image.thumb.png.42135f0934fab041eab561a89b3fa1ce.png

This policy should work for both the Windows and Linux ESET Endpoint products which we use:

image.thumb.png.0e17dbe68678e5d75bdf95d950608f63.pngimage.thumb.png.d88e7dea255d81c772ee65a3f19bca8f.png

For our Linux PCs it shows up correctly:

image.thumb.png.c13ff12f5b36ee37e6a9f1ff7f63b802.png

Whereas for our Windows PCs it shows up as disabled with the 'Product not installed' message:

image.thumb.png.9a6b3c1e94862d154f7a3771b2c3fd0c.png

One thing I did notice was that the 'Parent Name' for the policy in Linux is 'Linux Computers', whereas for the policy in Windows its 'All'. Is this 'Parent Name' column referring to the Computer Group that the policy is assigned to? Because, if so, that's wrong - the policy is assigned to the 'Windows computers' Computer Group, and not to 'All':

image.thumb.png.e4e42809b1fbca249bd758aee4534c43.png

Edited by eab
Link to comment
Share on other sites

On 3/11/2024 at 2:30 PM, Marcos said:

I assume that the default auto-update policy was unassigned from the All group and then a new auto-update policy was created by an administrator and assigned to "All" like in my test case (I didn't unassign the default policy, hence there are two):

image.png

Also the lable "Product not installed" is a known visual bug which occurs when you manually add a common features policy. The default auto-update policy displays "Actual" in the Status column.

Could you please show me what the settings are for your 'Enable product auto-update' policy?

Link to comment
Share on other sites

  • Administrators
10 hours ago, eab said:

Could you please show me what the settings are for your 'Enable product auto-update' policy?

I'm sorry but I don't understand your question. Perhaps the best course of action would be raising a support ticket.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...