Enable LiveGuard Advanced and Vulnerability & Patch Management

[satellite360 0]

Hi all

Grateful for some guidance on how to enable LiveGuard Advanced and Vulnerability & Patch Management using ESET Protect.

The products are listed under License Management showing 0/xxx units and I've assigned to client devices via the relevant policies but none of the clients are picking up the changes. Clients already have Endpoint Security 11 installed.

Thanks

[MartinK 383]

In case of ESET LiveGuard, there are multiple ways of enabling it. Simplest and most effective is to use "ESET Solutions" (see main menu), which enables technology automatically and proactively also for new devices.

In case of Vulnerability & Patch Management, this mechanisms is not available yet, but there is a "Deploy" wizard available in context menu of groups and devices, which enables you to perform all required operations in a one-click manner for existing devices.

There is also alternative to enable both features manually, which involves performing activation, and also assignment of relevant policies which do enable and enforce these technologies. It provides more control but requires to understand how mechanisms do work, so it is not recommended for standard scenarios.

[satellite360 0]

15 minutes ago, MartinK said:

In case of ESET LiveGuard, there are multiple ways of enabling it. Simplest and most effective is to use "ESET Solutions" (see main menu), which enables technology automatically and proactively also for new devices.

In case of Vulnerability & Patch Management, this mechanisms is not available yet, but there is a "Deploy" wizard available in context menu of groups and devices, which enables you to perform all required operations in a one-click manner for existing devices.

There is also alternative to enable both features manually, which involves performing activation, and also assignment of relevant policies which do enable and enforce these technologies. It provides more control but requires to understand how mechanisms do work, so it is not recommended for standard scenarios.

ESET Solutions is showing ' enablement in progress' for all clients - no idea how to progress beyond there, rebooting the clients has no effect.

Grateful if you could elaborate on where i can set up the 'deploy' wizard for V&PM.  Thanks.

[satellite360 0]

33 minutes ago, MartinK said:

In case of ESET LiveGuard, there are multiple ways of enabling it. Simplest and most effective is to use "ESET Solutions" (see main menu), which enables technology automatically and proactively also for new devices.

In case of Vulnerability & Patch Management, this mechanisms is not available yet, but there is a "Deploy" wizard available in context menu of groups and devices, which enables you to perform all required operations in a one-click manner for existing devices.

There is also alternative to enable both features manually, which involves performing activation, and also assignment of relevant policies which do enable and enforce these technologies. It provides more control but requires to understand how mechanisms do work, so it is not recommended for standard scenarios.

Thanks for the pointers @MartinK

ESET Solutions is showing ' enablement in progress' for all clients - no idea how to progress beyond there, rebooting the clients has no effect.

Similarly, after enabling V&PM for all clients via the Solutions wizard, none of them actually enable, so when I check an individual computer it is still showing as unenabled and licenses remains as 0/xxx units.

Grateful if you could advise how to proceed.

[MartinK 383]

12 hours ago, satellite360 said:

Thanks for the pointers @MartinK

ESET Solutions is showing ' enablement in progress' for all clients - no idea how to progress beyond there, rebooting the clients has no effect.

Similarly, after enabling V&PM for all clients via the Solutions wizard, none of them actually enable, so when I check an individual computer it is still showing as unenabled and licenses remains as 0/xxx units.

Grateful if you could advise how to proceed.

Nor sure what could be wrong, as enabling both of the features is supposed to be fairly fast, almost instant in case devices are actively managed = connecting to the PROTECT console.

Deployment of ESET LiveGuard has advantage in a way that it also pro-actively evaluates whether devices are actually eligible and prerequisites are met -> is there any indicator that such devices are present in the network? Both of the features has certain prerequisites, like there has to be ESET security product already installed (i.e. ESET Endpoint Security) and also both of the features has certain platform limitations - ESET LiveGuard is not yet supported on macOS devices, and Vulnerability & Patch Management can be as of now enabled only on Windows devices.

In case prerequisites are supposed to be met, could you please double-check status of the "activation task" executed on the specific device? Task was supposed to be planned/scheduled using previously mentioned deployment actions. In case devices are connecting, there should be indication of the progress of the task, i.e. whether it was scheduled, executed and what was the result...

[satellite360 0]

7 hours ago, MartinK said:

Nor sure what could be wrong, as enabling both of the features is supposed to be fairly fast, almost instant in case devices are actively managed = connecting to the PROTECT console.

Deployment of ESET LiveGuard has advantage in a way that it also pro-actively evaluates whether devices are actually eligible and prerequisites are met -> is there any indicator that such devices are present in the network? Both of the features has certain prerequisites, like there has to be ESET security product already installed (i.e. ESET Endpoint Security) and also both of the features has certain platform limitations - ESET LiveGuard is not yet supported on macOS devices, and Vulnerability & Patch Management can be as of now enabled only on Windows devices.

In case prerequisites are supposed to be met, could you please double-check status of the "activation task" executed on the specific device? Task was supposed to be planned/scheduled using previously mentioned deployment actions. In case devices are connecting, there should be indication of the progress of the task, i.e. whether it was scheduled, executed and what was the result...

@MartinK - prerequisites should be good, clients are Windows 10 and 11 running EES version 11+.  The following tasks:

* Product Activation (Enable Vulnerability & Patch Management) - via context menu

* Product activation - via ESET LiveGuard

show failed for all clients that have connected. All clients show the same alerts:

* ESET Vulnerability management is non-functional

* ESET Patch management is non-functional

Rebooting client does not solve the problem. I'm guessing it is license related but the licenses show up just fine in EBA and under ESET Protect License Management with 0/xxx users.

Edited May 21 by satellite360

[MartinK 383]

17 hours ago, satellite360 said:

@MartinK - prerequisites should be good, clients are Windows 10 and 11 running EES version 11+.  The following tasks:

* Product Activation (Enable Vulnerability & Patch Management) - via context menu

* Product activation - via ESET LiveGuard

show failed for all clients that have connected. All clients show the same alerts:

* ESET Vulnerability management is non-functional

* ESET Patch management is non-functional

Rebooting client does not solve the problem. I'm guessing it is license related but the licenses show up just fine in EBA and under ESET Protect License Management with 0/xxx users.

As mentioned, there is indeed problem with activation, resulting into a "non-functional" state being reported, indicating features are enabled/enforced by policy, but not operational due to missing license. The same applied most probably for ESET LiveGuard, except that such state is suppressed for this feature.

In case license is correct, i.e. not exported/invalidated, only problem I can think of is that there is not a proper connectivity to ESET licensing servers during activation process. Active connection to https://edf.eset.com is required for online activation to work properly. Could you please double check there is no problem accessing this site? Could there be a misconfiguration HTTP proxy used, preventing our product accessing this site? Were actually EES product activated using the same license and not using for example offline licenses?

[satellite360 0]

6 hours ago, MartinK said:

As mentioned, there is indeed problem with activation, resulting into a "non-functional" state being reported, indicating features are enabled/enforced by policy, but not operational due to missing license. The same applied most probably for ESET LiveGuard, except that such state is suppressed for this feature.

In case license is correct, i.e. not exported/invalidated, only problem I can think of is that there is not a proper connectivity to ESET licensing servers during activation process. Active connection to https://edf.eset.com is required for online activation to work properly. Could you please double check there is no problem accessing this site? Could there be a misconfiguration HTTP proxy used, preventing our product accessing this site? Were actually EES product activated using the same license and not using for example offline licenses?

Not sure how to confirm validity of the license - no errors showing on ESET Protect or EBA.  All looks fine: I can see all the products we are paying for but only 'ESET Endpoint Security + ESET Server Security' is showing as having units installed, the newer products we we have just started paying for all showing as 0 installed.

Attempting to access https://edf.eset.com returns a 404 page not found error in the web browser but I can ping it without any problem.

EBA is showing one license with the various products listed below it, and no offline license files.

Thanks

[MartinK 383]

Unfortunately I run out of ideas. From description you provided, it seems like there is some kind of activation problem, which would probably require more deep analysis. Maybe @Marcos can provide hints, but it would be best to also open support ticket, so that more detailed information might be requested for further analysis.

Also could you please provide screenshot of task execution history, for example for ESET LiveGuard? There should be a list of operations performed of specific client, indicating when the task was started, how to finished and which components marked operation as failed. In this case, crucial component will be marked as "Security product", which should definitely reply with success, which is standard behavior.

One last thin I can think of: it is a standard deployment of ESET Endpoint Security, without any specific parameters, that might force it to exclude specific components?

[satellite360 0]

7 hours ago, MartinK said:

Unfortunately I run out of ideas. From description you provided, it seems like there is some kind of activation problem, which would probably require more deep analysis. Maybe @Marcos can provide hints, but it would be best to also open support ticket, so that more detailed information might be requested for further analysis.

Also could you please provide screenshot of task execution history, for example for ESET LiveGuard? There should be a list of operations performed of specific client, indicating when the task was started, how to finished and which components marked operation as failed. In this case, crucial component will be marked as "Security product", which should definitely reply with success, which is standard behavior.

One last thin I can think of: it is a standard deployment of ESET Endpoint Security, without any specific parameters, that might force it to exclude specific components?

Not quite sure what details you want from the task history - not seeing any mention of 'Security product' so perhaps I'm looking in the wrong place.  Grateful if you could give clear instruction on where i should be looking.

EES is pretty standard - we have a standard policy set on all clients but nothing unusual is set there.

Anyway, I have raised a ticket as advised so hopefully I can progress via that channel.

Thanks for the support.

[PeterMunster 0]

Did this ever get solved?  I have the exact same problem and Eset support has been working on this for weeks without being able to solve the problem.

[satellite360 0]

On 5/28/2024 at 9:55 PM, PeterMunster said:

Did this ever get solved?  I have the exact same problem and Eset support has been working on this for weeks without being able to solve the problem.

I opened a ticket and had a back and forth with support who established there was an issue communicating with ESET servers. At some point everything started working but support told me they had not made any changes so it would appear to have been a local issue though we made no network changes so I have no idea where the problem lay or how it was resolved.

[j-gray 37]

On 5/28/2024 at 7:55 AM, PeterMunster said:

Did this ever get solved?  I have the exact same problem and Eset support has been working on this for weeks without being able to solve the problem.

Any luck? Same issue here. I wouldn't expect communication issues like @satellite360 encountered.