Jump to content

External IP and User Name


kingoftheworld
 Share

Recommended Posts

I recently upgraded my ESET Remote Administrator server to the latest version 6.3.  However, I am unable to locate a couple of information fields that I had available to me in ESET 4 that I used frequently.  How can I view the public IP of a client if the device is behind a NAT?  In ESET 4, the public address was shown by default to me and I was able to quickly determine if the device, specifically laptops, is at my organization or is at a user's home.

 

My second field I can't locate is the user ID field.  Again in ESET 4, under client information, I was able to see the currently logged in user and determine quickly who was in fact using the device.  I have not been able to locate this either in the new ESET.

Can anyone share any information on this?

 

Thanks!

Link to comment
Share on other sites

This information is not yet available. However, this is already tracked as an improvement for future versions of ERA v6.

To be honest with you, I don't see why such a large number of features/information was removed from the latest version of ESET.  It's like buying a car with a new fancy GPS, but then removing the headlights allowing you to only drive during the day.

Link to comment
Share on other sites

  • ESET Staff

 

This information is not yet available. However, this is already tracked as an improvement for future versions of ERA v6.

To be honest with you, I don't see why such a large number of features/information was removed from the latest version of ESET.  It's like buying a car with a new fancy GPS, but then removing the headlights allowing you to only drive during the day.

 

 

Hello,

 

could you be more specific about your use-case - how should ERA fetch external IP of device behind NAT? Currently we are collecting all IP addresses that are reported on client (AGENT) machine. We have discussed as alternative providing also IP address that AGENT connection comes from when connecting to SERVER - but this is useless in case devices are behind NAT -> all devices will the same IP address.

Link to comment
Share on other sites

 

 

This information is not yet available. However, this is already tracked as an improvement for future versions of ERA v6.

To be honest with you, I don't see why such a large number of features/information was removed from the latest version of ESET.  It's like buying a car with a new fancy GPS, but then removing the headlights allowing you to only drive during the day.

 

 

Hello,

 

could you be more specific about your use-case - how should ERA fetch external IP of device behind NAT? Currently we are collecting all IP addresses that are reported on client (AGENT) machine. We have discussed as alternative providing also IP address that AGENT connection comes from when connecting to SERVER - but this is useless in case devices are behind NAT -> all devices will the same IP address.

 

On my ESET 4 Remote Console, I am able to see the public address of the device.  I am not sure of the method that was used for that.

 

The use case is for identifying machines that may have been taken away from the organization and may be in use at someone's home.  Since most home users have a NAT configuration of some sort, we would like to be able to identify the ISP and general geographic area of the device.  But again, I am going back to the point that this was a feature that has since been removed.   

Link to comment
Share on other sites

  • ESET Staff

Thanks for fast reply. We have one last question in our external IP survey: How would you use this external IP if available? Only visual confirmation in Webconsole? or you would also expect dynamic groups and client task (task executed on remote machine) to work based on this IP address? switching configuration based on IP address client is using?

 

We are asking because this feature was not removed intentionally, but it is not available due to architecture changes since previous ERA generations. It's integration into ERA6 may come with limitations in usability in comparison with currently available data collected on client computers.

Link to comment
Share on other sites

Thanks for fast reply. We have one last question in our external IP survey: How would you use this external IP if available? Only visual confirmation in Webconsole? or you would also expect dynamic groups and client task (task executed on remote machine) to work based on this IP address? switching configuration based on IP address client is using?

 

We are asking because this feature was not removed intentionally, but it is not available due to architecture changes since previous ERA generations. It's integration into ERA6 may come with limitations in usability in comparison with currently available data collected on client computers.

 

Probably just a visual either as a column or in the client details window.  In the past, we have never used it for grouping of clients.

Link to comment
Share on other sites

Thanks for fast reply. We have one last question in our external IP survey: How would you use this external IP if available? Only visual confirmation in Webconsole? or you would also expect dynamic groups and client task (task executed on remote machine) to work based on this IP address? switching configuration based on IP address client is using?

 

For me this feature is essential. I am using these external IP in dynamic groups. We have about 30 remote sites and so we can easily identify client-to-site relation.

Link to comment
Share on other sites

Thank you to post about this problem, i've made a post and i have no answer from the eset team.

it is essential for me to have the public ip of the remote devices, because the ERA server is hosted in a datacenter, and it's a good thing to identify the devices with their ip address.

Why the hell it is so complicated to collect this public ip on the console ???

Link to comment
Share on other sites

hi,

i have the same problem

column "computer's name" isn't here anymore

same problem in exports...

it take just one minute to add this

thanks

Link to comment
Share on other sites

  • 4 weeks later...
Hi everyone,

 

Just keeping this thread active by adding that when we were running ESET 5, I identified a student laptop that a recently downsized manager had taken as a "retirement present", since ESET was connecting from an unexpected IP, and I was able to use SMTP logs to prove it was in her house. I notified HR, providing a screen shot from ESET 5 clearly showing her IP, and the laptop was later returned.

 

With ESET 6 not having a field for the external IP, the device location checking I previously performed is no longer an option. Can we expect this feature to be reinstated in a future version of 6.3 or 6.4? As you can see from this example, it can be considered a security feature if used in this manner.

 

Thanks!

Link to comment
Share on other sites

For me, I use it to see if the clients are in the office or at home (most are laptops). I'm not in the office, I am always remote, so I can never see bums on seats. but if I see that a laptop is online I can quickly check (or could!) if the external IP address shows that it's online in the office or online at home.

 

It was handy for when I needed to perform other tasks on the laptop, and whether or not it would then be accessile via psexec etc.

Link to comment
Share on other sites

  • 5 months later...
  • ESET Staff

Any update on this?

 

We could do with the last connected external IP to help identify agents in Lost & Found.

 

A history of previous external IPs would also be helpful.

 

Unfortunately this improvement missed 6.4 release. External IP (= remote peer IP address as seen by SERVER) is collected per client connection and stored in database, but there is no integration into WebConsole in ERA 6.4. Nevertheless it is already available in development version and should be available in next release - if nothing goes wrong.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...