Jump to content

Archived

This topic is now archived and is closed to further replies.

Zuc

ESET 9.x UI is a total disappointment, much worse than before

Recommended Posts

Hello,

 

I upgraded to ESET 9.x a couple of months ago. I immediately found that the new interface presents some serious usability issues, but I waited patiently for following updates to fiss this mess.

Unfortunately, in recent Software updates, nothing changed on this front, so I decided to create a user account for this forum to ask whether it is planned to fix at least the most annoying issues, or if this is the "new course" ESET is willing to pursue, in which case I will decide on my next renewal accordingly.

 

The issues - mainly tied just to (very poor) UI design - are the following

 

1) the Interactive Mode popup is mostly useless:

- there is no longer the possibility to "Create a custom rule" from said popup: you only decide to create an Allow or Deny "Create a rule and remember permanently" with the selected options

- the "Remember until application quits" option when HIPS popups show up is utterly useless: especially during windows updates, the SAME executable spawns tens of popups one after the other, even if the options selected along with the "Remember until application quits" should basically whitelist that executable for anything it could attempt until it closes (and no, I do not want to create a permanent rule for an executable which will only run ONCE, as my rule list would get incredibly long and cluttered for no good reason)

 

2) the Rules editor in the Personal Firewall advanced setup has suffered a heavy blow in the last edition of the UI: while I can understand (and appreciate) the possibility of showing rules in order of execution, I permanently lost the possibility to group rules by application, and - even more shocking - there is no way to display the list of rules ordered by any other column! Why on Earth can't I just click on the "Application" or the "Protocol" column to change the order the rules are displayed (not executed) is beyond me... This makes it very difficult (and incredibly annoying) to manage different rules for the same application, especially if those rules were created at different times and end up being all over the place... (yes, I know there is a very cumbersome filter funcion on the top-right, but it's nowhere near as useful as it should be)

 

The previous UI was working way, way, way better, and (even if this is subjective) it was also clearer to read... this one, with its ample white spaces and its low-contrast grays, and the general lack of icons, hinders way more than it helps, and this is clearly a sign something is seriously wrong with it...

If this is the new look you want ESET applications to have, I can adapt, but at least don't strip away functionalities when you make these changes (especially if there is no good reason to do that).

 

Thank you.

 

Share this post


Link to post
Share on other sites

First of all thank you for your feedback. Users' feedback is important for us and helps us react to users' needs. As for the GUI, the new HTML-based GUI engine is employed by several antivirus and security programs. Together with the new configuration engine developed by ESET it enables us to do things that were previously impossible and we have plans for substantial functionality improvements in future versions.

 

1, As for the "Custom rule" button, I've asked devs why it was removed. I'm almost sure it's not possible to open the rules setup window due to the new configuration engine but let's see what the devs say.

As for HIPS, even v8 had an option "Temporarily remember this action for this process". Ticking that box allowed only the particular action until the application quit. So even v8 or older versions didn't temporarily allow all operations for a particular process. It's for further discussion whether it would be safe to add an option temporarily allowing all operations for a process.

 

2, You wrote that you are missing a feature for sorting rules by various columns. However, since v9+ evaluates rules in the order they appear in the list, sorting would also change the order in which they are evaluated. In my opinion, this would cause only issues to users. If you want to look up rules for a particular application, you can search for the application name by clicking the icon with the magnifier.

Last but not least, the firewall rule editor is subject to further improvements in future versions.

Share this post


Link to post
Share on other sites

Hi,

 

thank you for taking the time to reply: it's nice to see the community being managed by someone willing to reply to criticism, even when it is expressed in a moment of extreme frustration and may therefore be quite harsh.

 

As for your answers,

 

> 1, As for the "Custom rule" button, I've asked devs why it was removed. I'm almost sure it's not possible to open the rules setup

> window due to the new configuration engine but let's see what the devs say.

 

I don't understand why it wouldn't be possible: I believe if the configuration engine allows to create a simple rule it should also allow the creation of a complex one by taking more parameters through an intermediate window... Anyways, I am awaiting the devs' reply.

 

> As for HIPS, even v8 had an option "Temporarily remember this action for this process". Ticking that box allowed only the particular action until the application quit.

> So even v8 or older versions didn't temporarily allow all operations for a particular process.

 

In the interactive mode popup for HIPS, which is very similar to the interactive mode popup for Firewall, the application, operation type and target process/file are all indipendently selectable through a checkbox: I assume that, if I only select the application but not the operation, HIPS should allow any operation by that application (same way it works for the firewall: if I select the protocol by ticking its checkbox, but not - for example - the destination IP, communication is allowed for that process via the selected protocol for any destination IP). If that is not the case, I don't understand why and it is counterintuitive for sure (why allowing to select items when you're not taking the selection into consideration?)

 

> You wrote that you are missing a feature for sorting rules by various columns.

> However, since v9+ evaluates rules in the order they appear in the list, sorting would also change the order in which they are evaluated.

 

That is EXACTLY the problem: there is no difference between the way rules are shown and the order in which they are executed, which is a major step back compared to the previous UI. You could very well have the rules displayed in order of application (by using a "Priority" value as default order column) but at the same time allow users to reorder the rules based on any other column while maintaining the execution order unchanged. Several hardware firewall interfaces allow that very easily (I'm talking Watchguard and Cisco dedicated clients, and Fortinet even in its web-based interface if memory doesn't fail me). In the end, it's just a list of items, the rule processing engine is (or can/should be) decoupled from the UI component that shows the rule themselves...

 

Finally, I am eagerly awaiting the much needed improvements to the firewall rule editor. I've been a loyal ESET client since ESET was the first software house to offer a top tier, natively 64bit antivirus and firewall solution for Windows 7, and I always appreciated its reliability and the power and simplicity of its UI: I would be sad if I had to go back to Kaspersky...

Thank you.

Share this post


Link to post
Share on other sites

My opinion is that the changes Eset made to the HIPS were intentional although never publically stated as such. Bottom line is that Eset doesn't want users fooling around with the HIPS. So they intentionally made any modification to it as difficult as possible in ver. 9.

Referring to how the HIPS operated in ver. 8, user HIPS rules were never "absolute" in precedence execution if an existing default HIPS rule existed. This was evidenced by the message given that Eset "allowed/denied some actions." In other words, the Eset HIPS default rules always took precedence over any user created HIPS rules. The problem with this is a user could never determine what the Eset default HIPS rules were since they were purposely hidden in a .bin file.

My take on all this is Eset introduced the HIPS to facilitate their exploit and advanced memory protection features. They never intended the HIPS to be a full featured product along the lines of the now obsolete Online Armor and Outpost Firewall products. In fact, the only active mainstream product left with a user configurable HIPS is Comodo. In reality Eset's ver. 9 HIPS is very similar to the behavior blocker included in Emsisoft products although I believe the later is more effective in detecting unknown malware suspicious activity overall.

Share this post


Link to post
Share on other sites

I'd like to take this chance to weigh in on the OP's comments.  I have to say, I agree 100% with his analysis.

 

I've been a SS user for 8 years, and before that an NOD user for several more; I'm not a novice.  I have to say that I believe version 9 to be a serious regression in usability, especially in the rules/firewall/HIPS areas.  I received this update in July, and have consciously held back from commenting, thinking that because it's new, some updates would be forthcoming.  They haven't.  I usually give myself time to 'grow into' a new product or interface, allowing myself to form a solid opinion through usage.  I've done that; my opinion hasn't changed.

 

Let me be specific.  OK, so ESET wants me NOT to play around in the rules area?  Frankly, I don't care if that is true or not.  I KNOW what I'm doing, and I wish to retain the ability to do so, comfortably.  Here's an example.  The rules list is executed in order, so when a new rule is created, it appears at the bottom of the list.  I want to move it to a new position in the list, among its 'brethren' that are located at say, rule 100.  There are 250 rules in the list.  To accomplish this feat, I have to highlight the rule, and then click on that little 'up' arrow...again...and again...and again.....150 times.....until I arrive at rule 101.  Do you have any idea how long this takes with 250 rules in the list?  How about 350?  It's ridiculous.

 

Is there any concrete reason why we can't drag the rule to its intended location?  Or, better yet, a dialog that asks us where we want to locate the new rule when it is created?  [Actually, we want to be able to drag GROUPS of rules, as well, by highlighting multiple rules.  We can't do that now.]

 

Please stop thinking that you're making it easier for me, by taking away my abilities to manage the rules area [or by making it more difficult].

 

Look, if that is the way it's going to be, I can live with it, but I don't have to like it.  It is a regression, and ESET should have a policy NOT to regress their user's experience.  And please, please, don't try to convince us that it's 'better' this way.

 

 

Another thing: for Pete's sake, please display the executable icon for each rule.  It's bad enough that we can't sort the rules for our own convenience.  Displaying the icons would indeed make it infinitely easier for us to parse the list by eye.

 

Add to that the fact that in general, the new interface isn't very good-looking in general, and you can understand our frustrations.  I know for advanced users, cosmetic stuff isn't/shouldn't be very important, but it was nice to have the more polished appearance of the former product.  I don't think I'm alone in that opinion.

 

On that note, why not have open beta timeframes for qualified, experienced users - it would pay off in spades for ESET.  I really, really do believe in the product, and know a number of other advanced users/admins who would be assets in such a program.  Why not ask THEM what they think, before you roll something out to the user base?  I guarantee they would save TONS of work being defensive in the user forums, lolz. 

Share this post


Link to post
Share on other sites

Not sure this is exactly the correct forum, but this issue is related to Eset AV version 9 and disappointment.  After upgrading from v8 to v9, I noticed Windows 7 updates were taking 8 or 10 hours (or days) instead of 8 or 10 minutes.  To make a long story short, it turns out that the HTTPS scanning default settings went from disabled in v8 to enabled in v9, presumably to improve detection.  After several days of scouring the web and on a hunch, I set the SSL/TLS Protocol Filtering to 'Interactive Mode', rebooted and then started Windows Updates again.  Shortly thereafter an Eset window popped up asking about granting access to Microsoft (Yes! that's what I wanted!).  I followed the basic steps in  hxxp://support.eset.com/kb6004/ setting the Access action to Auto and the Scan action to Ignore.  Then the updates came in a few minutes later (instead of hours).  After all was finished, I set the SSL/TLS Protocol Filtering back to Automatic as recommended in the previously mentioned kb6004.

 

SOLVED:  Now I get windows 7 updates in minutes again instead of hours.  I'm don't know anything about certificates and https protocols, but it seems like something should be built into Eset v9 to always allow Microsoft updates, or at least let a user know that Eset was blocking Windows updates.

 

I hope this may help some of the other Eset users as I've seen several reports of similar problems, but most uses have solved it by going back to version 8, which I presume is not as secure.  So now I'm not disappointed with version 9.

Share this post


Link to post
Share on other sites

I'd like to take this chance to weigh in on the OP's comments.  I have to say, I agree 100% with his analysis.

 

I've been a SS user for 8 years, and before that an NOD user for several more; I'm not a novice.  I have to say that I believe version 9 to be a serious regression in usability, especially in the rules/firewall/HIPS areas.  I received this update in July, and have consciously held back from commenting, thinking that because it's new, some updates would be forthcoming.  They haven't.  I usually give myself time to 'grow into' a new product or interface, allowing myself to form a solid opinion through usage.  I've done that; my opinion hasn't changed.

 

Let me be specific.  OK, so ESET wants me NOT to play around in the rules area?  Frankly, I don't care if that is true or not.  I KNOW what I'm doing, and I wish to retain the ability to do so, comfortably.  Here's an example.  The rules list is executed in order, so when a new rule is created, it appears at the bottom of the list.  I want to move it to a new position in the list, among its 'brethren' that are located at say, rule 100.  There are 250 rules in the list.  To accomplish this feat, I have to highlight the rule, and then click on that little 'up' arrow...again...and again...and again.....150 times.....until I arrive at rule 101.  Do you have any idea how long this takes with 250 rules in the list?  How about 350?  It's ridiculous.

 

Is there any concrete reason why we can't drag the rule to its intended location?  Or, better yet, a dialog that asks us where we want to locate the new rule when it is created?  [Actually, we want to be able to drag GROUPS of rules, as well, by highlighting multiple rules.  We can't do that now.]

 

Please stop thinking that you're making it easier for me, by taking away my abilities to manage the rules area [or by making it more difficult].

 

Look, if that is the way it's going to be, I can live with it, but I don't have to like it.  It is a regression, and ESET should have a policy NOT to regress their user's experience.  And please, please, don't try to convince us that it's 'better' this way.

 

 

Another thing: for Pete's sake, please display the executable icon for each rule.  It's bad enough that we can't sort the rules for our own convenience.  Displaying the icons would indeed make it infinitely easier for us to parse the list by eye.

 

Add to that the fact that in general, the new interface isn't very good-looking in general, and you can understand our frustrations.  I know for advanced users, cosmetic stuff isn't/shouldn't be very important, but it was nice to have the more polished appearance of the former product.  I don't think I'm alone in that opinion.

 

On that note, why not have open beta timeframes for qualified, experienced users - it would pay off in spades for ESET.  I really, really do believe in the product, and know a number of other advanced users/admins who would be assets in such a program.  Why not ask THEM what they think, before you roll something out to the user base?  I guarantee they would save TONS of work being defensive in the user forums, lolz. 

 

Thanks for reiterating exactly my points: it's good to know I'm not the only one feeling this way.

 

 

Not sure this is exactly the correct forum, but this issue is related to Eset AV version 9 and disappointment.  After upgrading from v8 to v9, I noticed Windows 7 updates were taking 8 or 10 hours (or days) instead of 8 or 10 minutes.  To make a long story short, it turns out that the HTTPS scanning default settings went from disabled in v8 to enabled in v9, presumably to improve detection.  After several days of scouring the web and on a hunch, I set the SSL/TLS Protocol Filtering to 'Interactive Mode', rebooted and then started Windows Updates again.  Shortly thereafter an Eset window popped up asking about granting access to Microsoft (Yes! that's what I wanted!).  I followed the basic steps in  hxxp://support.eset.com/kb6004/ setting the Access action to Auto and the Scan action to Ignore.  Then the updates came in a few minutes later (instead of hours).  After all was finished, I set the SSL/TLS Protocol Filtering back to Automatic as recommended in the previously mentioned kb6004.

 

SOLVED:  Now I get windows 7 updates in minutes again instead of hours.  I'm don't know anything about certificates and https protocols, but it seems like something should be built into Eset v9 to always allow Microsoft updates, or at least let a user know that Eset was blocking Windows updates.

 

I hope this may help some of the other Eset users as I've seen several reports of similar problems, but most uses have solved it by going back to version 8, which I presume is not as secure.  So now I'm not disappointed with version 9.

 

Not sure this is related to the current thread in any way (which, btw, limits the visibility of your post, which does include useful information)... But thanks anyways.

Share this post


Link to post
Share on other sites
I set the SSL/TLS Protocol Filtering to 'Interactive Mode', rebooted and then started Windows Updates again.  Shortly thereafter an Eset window popped up asking about granting access to Microsoft (Yes! that's what I wanted!). 

This doesn't make any sense. Eset SSL protocol scanning will only scan processes that you tell to do so; e.g. web browsers, e-mail clients, etc.. Windows Updating is performed using a like svchost.exe service. That web traffic is not scanned in ver. 9 unless in was manually added.

 

Now I never tried to do Win Updating via IE11 when I was using Win 7. So using method, it may be possible that Win Update downloads are being scanned.

Share this post


Link to post
Share on other sites

Now I never tried to do Win Updating via IE11 when I was using Win 7. So using method, it may be possible that Win Update downloads are being scanned.

To my best knowledge, Windows updates should not be affected by SSL scanning unless Microsoft has changed the certificate and it hasn't been excluded by a module update.

Share this post


Link to post
Share on other sites

Hello,

 

I upgraded to ESET 9.x a couple of months ago. I immediately found that the new interface presents some serious usability issues, but I waited patiently...

 

Well, your patience has not been rewarded.

 

I too had problems https://forum.eset.com/topic/6626-cant-resize-ui-in-ess-v9/#entry36622

 

so I reverted to version 8 and I'll continue to use that for as long as it's supported, or until ESET realise that there's a difference between making something more interesting for their programming team, and making a product with a UI that actually suits users, i.e. the people that purchase the product and pay the wages for ESET.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...