baran 0 Posted May 11 Share Posted May 11 hi guys I have bought a new version of inspect(EDR) and it is installed in a network that is completely offline and does not have internet. What level of protection does this product have without internet? Like antivirus, does it need to be updated daily? Or it can be updated offline. Thank you for your explanation Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted May 14 Administrators Share Posted May 14 ESET Inspect is intended for environments where the server can communicate with LiveGrid server at least. Without access to LiveGrid, EI would not work effectively as many rules that leverage LiveGrid would not trigger at all. Quote Link to comment Share on other sites More sharing options...
baran 0 Posted May 16 Author Share Posted May 16 It is absolutely true. Is it not possible that these rules can be applied offline?(This is a secret network and it is not possible to communicate with other networks.) Quote Link to comment Share on other sites More sharing options...
Administrators Marcos 5,273 Posted May 16 Administrators Share Posted May 16 There are more than 280 rules that use LiveGrid data for evaluation so these would not work. In the future there should be a local version of LiveGrid that will contain information about files in the local network that might help with evaluation in offline networks. Quote Link to comment Share on other sites More sharing options...
ESET Staff j91321 7 Posted May 21 ESET Staff Share Posted May 21 You also loose the regular EDR rule updates which are delivered to the server through the same mechanism as AV updates are. A new EDR rule module is usually released weekly. Without any internet connection you will receive updates only when upgrading the server with a new release (which can be several months apart). When working within air-gapped networks, your best option is to invest resources into creating custom rules that fit your needs. Which of course is a lot of additional effort, but these are an unfortunate realities when working within such environments. Quote Link to comment Share on other sites More sharing options...
baran 0 Posted August 6 Author Share Posted August 6 hi j91321 Is it possible to export the rules from a console that has free access to the Internet and import them into the offline console? is it possible? Is there a local version of EastLiveGrid for offline networks? Quote Link to comment Share on other sites More sharing options...
ESET Staff j91321 7 Posted August 12 ESET Staff Share Posted August 12 On 8/6/2024 at 2:18 PM, baran said: Is it possible to export the rules from a console that has free access to the Internet and import them into the offline console? is it possible? Yes, this is possible by using the Export/Import in Rules list screen. Quote Link to comment Share on other sites More sharing options...
baran 0 Posted August 14 Author Share Posted August 14 How and when are these rules updated? Does it have a specific time? Quote Link to comment Share on other sites More sharing options...
ESET Staff j91321 7 Posted August 26 ESET Staff Share Posted August 26 There is no specific dedicated timeslot, new module is released usually on Monday, it all depends on several factors like the number of changes and their importance. Sometimes new module can be released twice a week. If you copy over the rules once a month you should be good. Also the rule updates are distributed over the same mechanism as AV updates so if you already have a working process for that I'd reuse it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.