Re: Future Changes to ESS 3.0 Allow ports other than http and pop3 to be blocked Some customers need to block URLs beginning with https:// and there's no way. Surprisingly, ESS blocks htpps sites when they appear in an anonimyzer URL, but not when https is requested by itself.
Re: Future Changes to ESS 3.0 Perhaps an option for the firewall where we can choose to block all incoming ( minus those that are already allowed by program default) and only recieve alerts for outgoing....
make the reports useful The main client screen gives a wealth of important information about clients: the last time they've checked in and their version of the virus signatures db. And even displays out of date items in red! I worry about when things don't work, not when they do, so I'd consider that most critical pieces of information. Oddly, the reporting mechanism gives me mostly useless information. I think point of the program is to deal with threats, so why would I care to know about them, unless it's telling me there's some bug that just let through a threat it should have stopped? Anyway, it would be really nice if the reporting feature could duplicate the functionality of the exporting the client list.
Re: Future Changes to ESS 3.0 I know this has been requested many times and i'm just saying I'm backing this up... this is a much needed feature and would really add to the quality of the firewall. Having your personal set rules for certain programs can be very useful for users that have special applications. This all the while not having to worry about allowing and/or denying other applications that may be running.
Re: Future Changes to ESS 3.0 I have some suggestions: How about ESET supporting their product 24/7 (and not just for big companies)? My system might crash on Sunday or at 8 pm. How about having someone there to answer the phone on your support line instead of having the tech call me when I'm not at work or otherwise can't work on the problem? How about a firewall that doesn't block internal traffic? Or regard basic protocols like NetBIOS as a threat? How about answering emails? Maybe consider having a specific person assigned to a ticket instead of having emails going to ~Unnecessary links removed. - Ron~ That way I can get back to the person I was talking to before. How about having support techs that aren't condescending and impatient with users? That would make for a rockin' 3.0.
Suggestions on ESS fiewall 1. Allow user to select types of ICMP protocol when defining a new rule, so that user can allow or deny special ICMP types instead of all types. 2. Allow user to define remote computer address like the following: 2.a.) Define IP address shall be enhanced IPv4: 123.123.123.* 123.123.*.* 123.*.*.* I know this can be done by using address range or subnet, but why not make life easier 2.b.) Allow user to use Host name besides IP Host name: domain.com sub1.domain.com sub2.sub1.domain.com *.domain.com *.*.domain.com This is useful for those remote computers with dynamic IP addresses or changing IP addresses frequently. e.g. IP address of windows update server changes very often(like every few minutes) , and the host name is static. In order to use windows update I have to allow svchost.exe connect to ALL remote addressed at port 80/443, this is what I don't want to see
Re: Future Changes to ESS 3.0 1.HIPS 2.Behavior blocker( PDM) 3.Improved intrusion detection in firewall 4.More frequent updates 5.Improved cleaning, ex: rootkits and deeply embedded spyware.
Re: Future Changes to ESS 3.0 make it vista useable. I just installed this on a new vista system still will not do an on scan on a zip file unless you go to the temp dir & give it permission. It should be able to allow scanning on zip files without knowing ahead of time that the user has to do that. I'm curious how many vista users don't realize that all zip or archived files or folders are being ignored...?
Re: Future Changes to ESS 3.0 Allow text of email tag to be modified. The current tag: Is 1) too large , 2) poor English, and 3) no one will understand (20080502). It is incredibly difficult to control English language statements programatically; don't even try. Let us do it.
Re: Future Changes to ESS 3.0 Import & Export of firewall rules If we could export the rules, modify & import, then we could: Sort however we need to Find duplicates easily Modify new rules as per existing easily See all facets in one view
Re: Future Changes to ESS 3.0 How about something like McAfee Site Advisor that works with all Browsers, or something like the new AVG's Web Shield & LinkScanner... I have been using Site Advisor plugin for IE7 and I have to tell you it would be a great add to ESS, specially because it would tell you if a web site is dangerous before going and you could avoid ESS just blocking it without further notice.
Re: make the reports useful I've written a followup to my initial post. Consider this screenshot, http://www.fluxsoft.com/images/nod32confusedprotect.jpg As you can see, there are two columns for Protection Status, which doesn't make much sense. The first one is often blank, too. This first column should just be removed. You'll notice the dialog refers to the first client and therefore its message that the client is secure is incorrect whereas the second Protection Status column displays accurately that the data have been requested a while ago. The dialog doesn't show the second client, but while its message, "the system is secure", would be accurate for it, the message "Ready" sounds more appropriate. Finally, the reporting mechanism exports the first Protection status column and therefore contains inaccurate information (in both cases, it is just blank). It should export the second column instead.
Re: Future Changes to ESS 3.0 see: https://www.wilderssecurity.com/showpost.php?p=1165644&postcount=1 point 11
Re: Future Changes to ESS 3.0 Nice, this will remind me to READ FIRST.. PD, in any case, it was posted for EAV 3 and this is for ESS... jejeje
Re: Future Changes to ESS 3.0 Tools, Alerts and Notifications in ESS home, I cannot change the port number of the SMTP server used. post.strato-mail.net uses a very different port than the standard port, thus I am not able to use that SMTP server for sending notifications to me. This shouldn't be a big job to do I hope? Thanks For the rest: some want more simplicity, some want more functions. Everybody wants the system load to be low. That should be the priority. I say: yes, super configurable for advanced users (which should also be able to log in and manage the system remotely using the IP adres and a port nr of the target machine through their browser, password protected of course) and the simple mode for non-advanced users. That way you'll keep customers on both sides of the camp. Registry protection would be nice, like the tea timer from spybot HIPS kind of thingy. Very good product this.... I like it despite of its shortcomings. Compared to Symantec this company is doing a whole lot of good in a very small amount of time. Keep up the good work guys!
Re: Future Changes to ESS 3.0 Regarding the remote administrator, I can see how the configuration editor can work as a separate program, but when making edits inside the remote console itself, the editor should be implemented as a dialog box. The reason is that a user can get confused as to what context he is in. If I have the package dialog on the screen and I open a fairly small-sized configuration editor, it can work itself behind the remote administrator screen and the user is confused as to why he is somehow stuck with a package editor dialog on the screen with all the options dimmed and no place to go. See this at http://www.fluxsoft.com/images/remotconsolehidesconfigeditor.jpg What is also confusing about the configuration editor is that gives cryptic temp files for the names of the files it's working on. If implemented as a dialog in this context, then it can dispense with the names as they are not necessary and provide an OK button as opposed to a "quit" menu option. Also, related to this, in the packages window, rather than having a "save" button, which should be automatic, there could be a "revert" button to retrieve an earlier version of an automatically saved configuration.
Re: Future Changes to ESS 3.0 Regarding the firewall rule setup in the remote admin console, some of the rules specify they are relevant to the policy-based mode, but that's confusing. The setting of interactive and policy should probably be in this dialog and then when it's changed to interactive mode, those relevant rules can be removed from the display since they are, after all, irrelevant in that mode. Still, some rules seem to be somewhat contradictory. For example, the default rules, "Block all unknown outbound traffic" and "Allow all outbound traffic in the policy-based mode" seem to be contradictory. A number of subsequent rules starting with "Block outgoing..." seem to be in conflict with "Allow all outbound traffic.." rule. If, indeed, the intention was to say ""Allow all outbound traffic in the policy-based mode not otherwise blocked", then it should say that. Similarly, "Block incoming NETBIOS requests" and "Allow incoming requests in the Trusted Zone" is contradictory. Why is the application for one given as "All" and the other limited to "System"? Whenever the window opens, the names of the rules are truncated. The "discard previous settings on the target computer" doesn't make a lot of sense. I can't think of why I'd want to keep the existing rules. That could just create chaos. In the advanced setup, there's a specific setting to "Allow file and printer sharing in the Trusted zone", but it's not clear how this gets impacted by the NETBIOS rules. If I can't find a server, how do share it? This might be better implemented as an ordinary firewall rule, and they may be better served by being grouped hierarchically. There doesn't seem to be much information on what the intrusion detection rules are actually doing. In fact, there isn't much documentation on how the firewall works. The manual needs to be expanded and perhaps in doing so, one will realize that how the existing default rules are rather messy and confusing.
Re: Future Changes to ESS 3.0 Using the latest build, 657, I was able to uninstall ESS without specifying the password that I was using to protect the configuration from being changed wiithout authorisation. NOD32 v2.7 has this feature, so should ESS and NOD32 v3. I'd like this feature to be re-introduced at least as an advanced option if not as a mandatory feature.
Re: Future Changes to ESS 3.0 I'd like the feature to be able to permanently disable the spam filter and the firewall (separately) without it re-enabling itself after restarting the computer, with an option for each to ignore the fact that they are disabled so a "your at risk" message doesn't pop-up every time you turn on the computer, but keep the same red colour icon to politely indicate that something is wrong, or maybe a different colour icon if the ignore options have also been set on disabling these modules. Of course these must be advanced options which are not enabled by default. The purpose will be for troubleshooting only. For example, the no doubt infamous "web page cannot be displayed" firewall issue on Windows 2000 computers. Who's to say that something else won't go wrong in the future on other platforms. It would be good to be able to provide my clients with a temporary workaround in situations like this until the issue is fixed.
Re: Future Changes to ESS 3.0 To distinguish networks *not* just based on subnet and netmask. https://www.wilderssecurity.com/showpost.php?p=1246185&postcount=15
Re: Future Changes to ESS 3.0 I have not read all posts, but something that really needs added to ESS is the ability to Turn File sharing ON or OFF and Network Discovery ON or OFF in Vista. This is done using the Windows Firewall, but since its turned off as we use ESS we cant do this. It does support 3rd Party Firewalls controling the settings as its there in a infomation box stating so but simply ESS does not do this yet. I do not need any of these settings on and did turn them off while running Windows firewall while Beta Testing Vista offically for MS. http://img181.imageshack.us/img181/4326/ggggtf0.jpg
Re: Future Changes to ESS 3.0 To my knowledge, Smart Security is the only package out there that doesn't store client configuration on the server in some automatic fashion. I'm only guessing that the reason it was done this way was to make it easy to reinstall the server without having to worry about reconfiguring everything. But is that really that beneficial? If, for some reason, I need to keep multiple client configurations, then I must maintain them manually. That should be the job of the program. Also, I'm not sure I could easily keep a hierarchical setup of rules. I suggest moving the configuration of the clients into the server and then that way the configuration editor can be integrated into the remote console.
Re: Future Changes to ESS 3.0 - Firewall "Notify" pop-up windows could link to more info/rule creation when clicked - Make the order in which firewall rules are applied clear & provide move-up/move-down feature for rules - allow specification of rules including "NOT" such as "NOT" Trusted Zone - allow use of DOMAIN NAMES in addition to IP addresses for rules - Option to Allow but log/queue apps for later rule creation when specified conditions met (if user is unavailable to accept / deny firewall prompts as on a server) - Ability to request list of user contributed rules for a particular app with option to add to own rules - Monitor actual usage over time of a given rule and suggest narrower alternative rule(s) - Specify Apps & Apps Paths that a rule applies to with wildcards/regex - Right-click -> Add rule from "Overview of established network connections" screen - Ability to make rules based on signed/unsigned status of file - Option to notify of application new access behavior even if allowed by rule (Some of above have already been mentioned. Please consider repeated request as an additional vote for feature.) I'll post more if any of above are ever actually implemented..
Re: Future Changes to ESS 3.0 You're so right! That is why I created by own tag for outgoing E-mails: Outgoing mail is certified Virus Free. Checked by ESET Smart Security 3.0.650.0 The next generation NOD32-technology http://www.eset.com
