Jump to content

Exclusions is locked after Configuration 2127.2


Recommended Posts

Hi Dear ESET Administrators.

From Yesterday many Endpoint and Servers that revived Configuration module update 2127.2 and all local Exclusions are now Ignored and Exclusions is locked as the picture attached.

RollBack update to  Configuration 2116.5 will unlock the exclusion and local exclusion will be enable !

ESET PROTECT (Server), Version 10.1 (10.1.1291.0)

Update module 1039 (20231023)
Translation support module 2011 (20240619)
SysInspector module 1283 (20220614)
SSL module 1086 (20240328)
Push Notification Service module 1137 (20240208)
Configuration module 2127.4 (20240628)

 

Server Security 10.0.1212.0

Detection Engine;29488;2024/07/02
Rapid Response module;24560;2024/07/02
Update module;1039;2023/10/23
Antivirus and antispyware scanner module;1613;2024/06/12
Advanced heuristics module;1228;2024/01/05
Archive support module;1351;2024/06/04
Cleaner module;1250;2024/05/27
Anti-Stealth support module;1191;2024/02/05
Firewall module;1447;2024/06/04
Translation support module;2011;2024/06/19
HIPS support module;1474;2024/06/04
Internet protection module;1475.2;2024/05/23
Database module;1125;2024/01/15
Configuration module;2127.3;2024/06/20
Direct Cloud communication module;1139;2024/06/03
Rootkit detection and cleaning module;1033;2022/09/16
Network protection module;1697;2024/05/13
Script scanner module;1173;2024/02/01
Cryptographic protocol support module;1086;2024/03/28
Advanced Machine Learning module;1154;2024/06/13
Security Center integration module;1040;2023/08/15

 

What can we Do ?

 

 

Configuration.jpg

Link to comment
Share on other sites

We found the problem , OLD Policy cause this Problem ! 

if Old Policy is assigned , Allow appending detection exclusions to locally defined list  will not work so local policy will not work !

Re generating Policy with new configuration module solve the Problem !

Link to comment
Share on other sites

  • Administrators

We're going to revert the Configuration module and release version 2116.6 soon while the issue with converting exclusions from old policies for Endpoint 7.1 and older gets fixed.

Link to comment
Share on other sites

It seems that there is many problem in 2127.3

We force "Allow appending detection exclusions to locally defined list" , Now local Exclusion is active but Console Exclusion will not Apply !!!

Link to comment
Share on other sites

right now Console 10.1 has Configuration module 2127.4 (20240628)

Endpoint Security V9 , Server V10  that has 2127.4 Will not apply Local Exclusions and Exclusions are Locked !

Endpoint Security with 2116.5 has no issue , Policy Exclusion and Local are work find.

Link to comment
Share on other sites

Console 11 ( With 2127.4 ) + Endpoint 11 ( With 2127.4 )  has no issue ( Local and policy Exclusion will work find )
😑

We are completely Confused !

Link to comment
Share on other sites

1 hour ago, Marcos said:

We're going to revert the Configuration module and release version 2116.6 soon while the issue with converting exclusions from old policies for Endpoint 7.1 and older gets fixed.

Right Now Revert is OK and All Versions are reverted to 2116.5 , And all Issue is solved right now ! 

Link to comment
Share on other sites

  • Administrators

Please kindly provide ELC logs from the server, we'd need to check your configuration policies even if there's no issue after reverting the Configuration module.

Link to comment
Share on other sites

1 hour ago, Marcos said:

Please kindly provide ESET Log Collector logs from the server, we'd need to check your configuration policies even if there's no issue after reverting the Configuration module.

This Console is belong to a UAE Goverment and we can not export full ESET Log Collector logs. Because they have sensitive data , But we can ask them to give us a limited ESET Log Collector maybe .

Witch Logs of ESET Log Collector do you need ?

Link to comment
Share on other sites

  • Marcos changed the title to Exclusions is locked after Configuration 2127.2
  • Administrators

LastPolicy.dat from the archive created by ELC might suffice for now.

Link to comment
Share on other sites

again this issue occurred by configuration module 2127.6

Local Exclusions are ignored and exclusion section are fully locked by Policy !

 

Link to comment
Share on other sites

  • Administrators

Please provide LastPolicy.dat at least. What product is affected? ESET Endpoint Antivirus / Security? Or ESET Server Security? What version?

Link to comment
Share on other sites

We successfully regenerate the issue in TEST environment and Full ESET Log Collector is attached.

Right now the exclusion is locked and local Exclusions is not apply even in ESS that installed on ESET Protect Server !

Same as EES/ESS V9 V10 V11 on all Clinets and servers

 

Exclution_Issue.zip

Link to comment
Share on other sites

We find the solution , After Upgrading Console to Configuration Module 2127.6

and re create the policy with enable "Allow appending detection exclusions to locally defined list" solve the issue !

Link to comment
Share on other sites

in some special situations if we assign two policy and both has "Allow appending detection exclusions to locally defined list" enabled , The Local Exclusions will be unlocked !  So the problem is very Confusing !

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...