haco 0 Posted January 12, 2016 Posted January 12, 2016 Hello, I have deployed era 6 on a new server by import from era5. Now I have the strange behaviour that a lot of the settings on the clients seem te bo locked (see attachment). That makes it impossible to add f.e. firewall rules on some clients locally. Is there somebody who can help me out on this? I'm having difficulties finding my way around the new era.
jimwillsher 65 Posted January 12, 2016 Posted January 12, 2016 Find one of your client computers in the ERA 6 console and look at the applied policies - policies may be applied to individual computers or to computer groups. Then for each polocy that's applied, have a look at the settings in that policy. Jim
haco 0 Posted January 14, 2016 Author Posted January 14, 2016 Thank you for your reply. The only applied policy is the policy that was imported from ERA5. Is there a setting to lock applied settings or so in this new version?
Administrators Marcos 5,732 Posted January 14, 2016 Administrators Posted January 14, 2016 Thank you for your reply. The only applied policy is the policy that was imported from ERA5. Is there a setting to lock applied settings or so in this new version? Settings defined in a policy are automatically locked on clients. Those that are not defined (ie. have no Apply nor Force flag) can be modified on clients.
ESET Staff MartinK 384 Posted January 14, 2016 ESET Staff Posted January 14, 2016 Thank you for your reply. The only applied policy is the policy that was imported from ERA5. Is there a setting to lock applied settings or so in this new version? All "applied" settings are automatically locked and there is no way how to disable this functionality. Lock will be removed once policy is no longer assigned to this specific client (remove policy, or remove association between policy and client).
haco 0 Posted January 14, 2016 Author Posted January 14, 2016 Thanks for the insightfull answers. So If I understand correctly, as soon as I deploy a policy with some firewall rules in to a client, that client is NOT able to add ANY firewall rule anymore?
haco 0 Posted January 15, 2016 Author Posted January 15, 2016 Just confirmed the above.I made a policy with only one firewall rule added. Setting this renders the client unable to add any firewall rule at all. Is this by design or a bug?
Administrators Marcos 5,732 Posted January 15, 2016 Administrators Posted January 15, 2016 It's by design. A policy is a set of settings and rules that are applied on clients. If a user was able to modify settings set by an administrator, it wouldn't make sense to use policies.
Recommended Posts