create config for ESS 3.0.699 with disabled firewall

Discussion in 'Other ESET Home Products' started by elrad, Oct 9, 2008.

Thread Status:
Not open for further replies.
  1. elrad

    elrad Registered Member

    Joined:
    Oct 3, 2008
    Posts:
    3
    I want to create a custom install package that can be used by remote users with configuration defined at title this message if this impossible may be anyone have tips how to change mode security at configuration with this setting by default (Setup > Personal Firewall > Change the protection mode of your computer in the network > Allow sharing). Have been tryed configuration edtor v2.00.0065(212) for it ,spended whole day but get nothing.
    Can someone point me in the right direction?
     
  2. ASpace

    ASpace Guest

    Hello!

    As fas I can understand you , you want to have ESS configured with the firewall completely disabled . Of course , this is possible but I must note it is generraly a risky situation because your remote users with no hacker/attacker protection .

    How to do it :
    In your configuration :
    1. turn the firewall to Policy-based mode
    2. Press the default button so that default options appear . Note , you may have to edit some of them such the the Trusted zone or untrusted zones.
    3. Start creating new rule :
    Name : your choice
    Direction : Both
    Action : Allow
    Protocol : TCP & UDP

    Additional action:
    check Log


    In Local tab - do not touch here . If there is no info entered , ESS will allow communication from and to any port (a.k.a all ports)
    In Remote choose - do not touch here . If there is no info entered , ESS will allow communication from and to any port (a.k.a all ports)

    Press OK and Apply buttons . This should do the trick for you
     
  3. elrad

    elrad Registered Member

    Joined:
    Oct 3, 2008
    Posts:
    3
    Sigh thanks for advice but if u reading my 1st post again u may be figure out one thing

    1st ) i know how to disable firewall from ess but i not need it I NEED " create a custom install package that can be used by remote users with disabled firewall " <-- plz read it one time more

    2nd no need me talk about security have been worked system admin like 5yaers sigh

    3rd of couse i did trusted zone and put there are my local net but its not enough, inbound conection still blocking need change stupid protection mode which add stupid rule for blocking all inbound connection and this rule have highest priority so another rules which allowed connection not working .

    Hoped i bring some light to my wish )
     
  4. NOD32 user

    NOD32 user Registered Member

    Joined:
    Jan 23, 2005
    Posts:
    1,766
    Location:
    Australia
    Hi elrad,

    Simplest suggestion I have is to manually setup one workstation to the desired initial configuration and then export the settings (ESS-BE GUI, 'Setup' drop down menu). This way you can see open the saved .xml in the configuration editor and see how all areas of your desired configuration look.

    The two special areas to note (if I correctly understand your request?) are 'Filtering Mode' - should be 'interactive', and also 'Rule Setup' - If you selected 'Allow Sharing' before export of the .xml then the 'Zones' tab will be configured correctly.
    Screenshot - 28_10_2008 , 3_59_47 AM.png

    Try export once with 'Strict Protection' first to compare the Zones tab against if you like.

    Now when you create your install package from the ERAC 'Remote Install' tab you can select the pre-configured .xml file you exported earlier - with all settings done.

    If I can explain further, please let me know.

    Cheers :)
     
Thread Status:
Not open for further replies.