Jump to content

ESET Endpoint AV for OSX 6.1.12.0 - Web Access Protection severely impacts browsing


Recommended Posts

We are in the process of fixing ultimate bugs found during QA tests. EEA 6.2 should be released soon. As soon as it's ready for release, I assume it shouldn't be a problem to provide it to you in advance.

We would also be interested in using 6.2 in advance.

Link to post
Share on other sites
  • ESET Insiders

This is not acceptable. we are uninstalling endpoint for mac. It stop printing, websites and contacting the ERA server for licensing! Please update this forum the second an update comes out. we will test install it before deploying to thousands of upset employees.

 

Disabling scanning of port 80 on Macintosh for Web Control/Web Filtering will eliminate this problem (temporarily) for Macintosh until a proper fix is in place by ESET. I would test thoroughly in your environment and weigh any security risks with benefits.

Link to post
Share on other sites

 

This is not acceptable. we are uninstalling endpoint for mac. It stop printing, websites and contacting the ERA server for licensing! Please update this forum the second an update comes out. we will test install it before deploying to thousands of upset employees.

 

Disabling scanning of port 80 on Macintosh for Web Control/Web Filtering will eliminate this problem (temporarily) for Macintosh until a proper fix is in place by ESET. I would test thoroughly in your environment and weigh any security risks with benefits.

 

 

i have allowed ports 1-65535 and disabled web access protection. still causing problems. it seems to be worse on Mac OSX 10.11

Link to post
Share on other sites
  • ESET Insiders

 

 

This is not acceptable. we are uninstalling endpoint for mac. It stop printing, websites and contacting the ERA server for licensing! Please update this forum the second an update comes out. we will test install it before deploying to thousands of upset employees.

 

Disabling scanning of port 80 on Macintosh for Web Control/Web Filtering will eliminate this problem (temporarily) for Macintosh until a proper fix is in place by ESET. I would test thoroughly in your environment and weigh any security risks with benefits.

 

 

i have allowed ports 1-65535 and disabled web access protection. still causing problems. it seems to be worse on Mac OSX 10.11

 

 

Not sure what was meant by allowing ports 1-65535 (on the firewall? No good).

Settings --> Web and Email --> Web Access Protection --> Web Protocols --> Ports used by HTTP Protocol --> I removed 80 and then set the rule to "force" from "apply"

Settings --> Web and Email --> Web Control --> Enable Web Control --> I disabled (ticked off) the option and then set the rule to "force" from "apply"

Link to post
Share on other sites

I have replaced EES with EAV on Macs where web protection module can be skipped during the installation. Additionally, for all clients that failed to report back to the ERA, in our case, migration to Server 2012 R2 as a host for ERA plus latest ERA 6.2 (from memory) deployment solved the problem. We've been running in this environment for couple of weeks now and haven't had a single client dropping off yet. There is some additional work required like certificates migration as well as database, but in our case it was worth it. Nonetheless, I agree with all of you here, new release is desperately needed.

Link to post
Share on other sites

 

 

 

This is not acceptable. we are uninstalling endpoint for mac. It stop printing, websites and contacting the ERA server for licensing! Please update this forum the second an update comes out. we will test install it before deploying to thousands of upset employees.

 

Disabling scanning of port 80 on Macintosh for Web Control/Web Filtering will eliminate this problem (temporarily) for Macintosh until a proper fix is in place by ESET. I would test thoroughly in your environment and weigh any security risks with benefits.

 

 

i have allowed ports 1-65535 and disabled web access protection. still causing problems. it seems to be worse on Mac OSX 10.11

 

 

Not sure what was meant by allowing ports 1-65535 (on the firewall? No good).

Settings --> Web and Email --> Web Access Protection --> Web Protocols --> Ports used by HTTP Protocol --> I removed 80 and then set the rule to "force" from "apply"

Settings --> Web and Email --> Web Control --> Enable Web Control --> I disabled (ticked off) the option and then set the rule to "force" from "apply"

 

Yes i allowed all firewall ports to attempt to correct a firewall that is not working and unreliable at best. it was not a permanent solution just troubleshooting.

I will try your settings to see if it helps

Link to post
Share on other sites
  • ESET Insiders

The easiest way to get around this issue is to exempt all of your internet browsers from filtering. This has worked for the 80 macs in my organization.

 

^^ That too...

Link to post
Share on other sites

Regardless of how I set the proxy, even when its disabled it still blocks web sites

that is the problem we are having all web access protect and firewall disabled or all ports allowed still blocks websites random ones for some or all for others.

Link to post
Share on other sites

We are in the process of fixing ultimate bugs found during QA tests. EEA 6.2 should be released soon. As soon as it's ready for release, I assume it shouldn't be a problem to provide it to you in advance.

 

How goes the QA testing ? It's been 2 weeks since you last updated us. Are there any pre-releases available yet ?

Link to post
Share on other sites

Should I get a refund for my 2 year license ? Since I am unable to use eset6 on OS X? If you can't show any resolution with this I will have to look else where for our AV

Link to post
Share on other sites
  • ESET Moderators

Hello,

We have a beta build for the upcoming service release, so if you are willing to install it and see whether it resolves the issue for you, please PM me and I will make the build available to you.

Regards,

T.

Link to post
Share on other sites

 

The easiest way to get around this issue is to exempt all of your internet browsers from filtering. This has worked for the 80 macs in my organization.

 

^^ That too...

 

how do i do this with eset remote administrator?

Link to post
Share on other sites

 

 

The easiest way to get around this issue is to exempt all of your internet browsers from filtering. This has worked for the 80 macs in my organization.

 

^^ That too...

 

how do i do this with eset remote administrator?

 

In the OS X policy go to the Web and Email Tab, then click edit next to "Excluded Applications"

Link to post
Share on other sites

 

 

 

The easiest way to get around this issue is to exempt all of your internet browsers from filtering. This has worked for the 80 macs in my organization.

 

^^ That too...

 

how do i do this with eset remote administrator?

 

In the OS X policy go to the Web and Email Tab, then click edit next to "Excluded Applications"

 

Thanks

do i need t specify the path as

/Applications/Safari

or

/Applications/Safari.app

?

Link to post
Share on other sites
  • 2 weeks later...
  • ESET Staff

Just to give you a short heads-up. As of today, we have released the new Configuration Engine Module for ESET Remote Administrator, that brings support for the new settings needed to configure new options in the OS X build.

OS X build testing continues, and based on the quick discussion with the head of OS X developers and my colleague from PM, it seems realistic, that the build will be released within the first two weeks of May.

Edited by MichalJ
Link to post
Share on other sites

Just to give you a short heads-up. As of today, we have released the new Configuration Engine Module for ESET Remote Administrator, that brings support for the new settings needed to configure new options in the OS X build.

OS X build testing continues, and based on the quick discussion with the head of OS X developers and my colleague from PM, it seems realistic, that the build will be released within the first two weeks of May.

 

Sweet. How do we get the new Configuration Engine Module and what changes come with it ?

Link to post
Share on other sites
  • ESET Staff

Once released to general public, you will get it automatically once server and agents are updated.

Here is the internal release post (for the pre-release module).

For the OSX product, it brings custom UI configuration settings, possibility to set dual update profiles and other changes, added to the new OSX build. Before the public release of OSX build, we will release the CE module for all users.

NOTE: To ensure proper functionality of your ERA infrastructure it is highly recommended to perform CE module update on all components (ERA Server (change update type in server settings to "Pre-release update") and ERA Agent (change update type in ERA Agent policy to "Pre-release update")).

New features:

- Added: Support for new ESET Mail Security 6 for IBM Domino

- Added: Support for new ESET Security 6 for Microsoft SharePoint Server

- Added: Support for new settings in ESET Endpoint Security / Antivirus 6.2 for OS X

- Added: Support for new settings in ESET Endpoint Security / Antivirus 6.4 for Windows

- Added: Possibility to import from file to lists in ESET Remote Administrator policy editor

- Improved: Other bug-fixes and improvements

Known issues:

- Policy/Configuration of ESLC product displays error (will be fixed by CE module release on regular update servers)

- Some settings may be displayed as untranslated (will be fixed by new translator release)

- Apply policy with new settings to old ERA 6.1 components can cause that policy will not be applied (workaround: update all ERA components to the newest available version (6.3) or replace component CE module manually)

- Apply policy with new settings to old EES for Mac 6.0 products can cause that policy will not be applied (will be fixed in future CE for EES for Mac update, workaround: update EES for Mac to the newest version)

- ERA Web Console requires logout and login after CE update on ERA server

- Personal firewall Zones lists is not displayed in exported configuration (will be fixed by CE module release on regular update servers)

- Import functionality is not functional when ERA Server is running on 64bit Linux OS including ERA virtual appliance (will be fixed in next release of ERA Server for Linux and ERA virtual appliance)

Link to post
Share on other sites
  • ESET Insiders

Once released to general public, you will get it automatically once server and agents are updated.

Here is the internal release post (for the pre-release module).

For the OSX product, it brings custom UI configuration settings, possibility to set dual update profiles and other changes, added to the new OSX build. Before the public release of OSX build, we will release the CE module for all users.

NOTE: To ensure proper functionality of your ERA infrastructure it is highly recommended to perform CE module update on all components (ERA Server (change update type in server settings to "Pre-release update") and ERA Agent (change update type in ERA Agent policy to "Pre-release update")).

New features:

- Added: Support for new ESET Mail Security 6 for IBM Domino

- Added: Support for new ESET Security 6 for Microsoft SharePoint Server

- Added: Support for new settings in ESET Endpoint Security / Antivirus 6.2 for OS X

- Added: Support for new settings in ESET Endpoint Security / Antivirus 6.4 for Windows

- Added: Possibility to import from file to lists in ESET Remote Administrator policy editor

- Improved: Other bug-fixes and improvements

Known issues:

- Policy/Configuration of ESLC product displays error (will be fixed by CE module release on regular update servers)

- Some settings may be displayed as untranslated (will be fixed by new translator release)

- Apply policy with new settings to old ERA 6.1 components can cause that policy will not be applied (workaround: update all ERA components to the newest available version (6.3) or replace component CE module manually)

- Apply policy with new settings to old EES for Mac 6.0 products can cause that policy will not be applied (will be fixed in future CE for EES for Mac update, workaround: update EES for Mac to the newest version)

- ERA Web Console requires logout and login after CE update on ERA server

- Personal firewall Zones lists is not displayed in exported configuration (will be fixed by CE module release on regular update servers)

- Import functionality is not functional when ERA Server is running on 64bit Linux OS including ERA virtual appliance (will be fixed in next release of ERA Server for Linux and ERA virtual appliance)

 

Can you post a link to the full release notes?

Link to post
Share on other sites
  • ESET Staff

Module release posts are not shared publicly, we only share them with ESET Partner network. Basically what I have mentioned here, is the full release notes for this CE release.

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...