Issues with Protocol Filtering and Sharepoint 2007

Discussion in 'ESET Endpoint Products' started by Geosoft, Jan 2, 2013.

Thread Status:
Not open for further replies.
  1. Geosoft

    Geosoft Registered Member

    Joined:
    Jan 7, 2009
    Posts:
    270
    Location:
    Toronto, Ontario, Canada
    Hi All,

    I'm currently calling in ESET support on this issue, but our office is encountering issues when downloading files from a Sharepoint 2007 server. The issue is resolved if you disable Protocol Filtering in the ESET client.

    Basically part of the file downloads and then freezes and never completes the download. The files would have to about 3+mb in size for you to notice this behaviour. Smaller files had a better chance of completing a download, while larger files (over 40mb in size) almost always failed)
     
    Last edited: Jan 3, 2013
  2. Geosoft

    Geosoft Registered Member

    Joined:
    Jan 7, 2009
    Posts:
    270
    Location:
    Toronto, Ontario, Canada
    Update: not a lot of troubleshooting was done. Since I was able to find out that protocol filtering was the cause of the issue, the fix was to exclude the Sharepoint Servers IP address from protocol filtering on the clients.

    The one problem that I had is that creating a protocol filtering exception in policy management was broken. When you place the exception into the policy manager, it would be replicated and if you viewed the client configuration in ERAS (by selecting a client machine and pressing F4 -> View) you would see the exception listed. But, if you went to the client machine and viewed it's client configuration, the exception was not listed nor was it being enforced. Apparently this is a bug in the latest ESET Endpoint clients (currently 5.0.2126) so I had to do this little work around:

    On the client machine:
    1) Open the ESET client and go into advanced setup
    2) Expand Web and email -> Protocol filtering -> Excluded IP addresses
    3) Enter the IP Address of the Sharepoint server you want to exclude from protocol filtering
    4) Close the Advanced setup menu by pressing OK
    5) Go to Setup -> Import and export settings...
    6) Export settings to a file. (I made the mistake of just giving a filename without a full path. This doesn't work. You must include a full path with drives/folder names)

    On the ESET Server
    1) Login and open your policy manager
    2) Select the policy where you want to add the protocol filtering and select Edit
    3) Expand to the following tree: Windows desktop v5 -> Personal firewall -> Settings
    4) Highlight Rule setup: See dialog (just above the SSL tree)
    5) Go to File -> Import From...
    6) Select the XML file from the exported configuration file you made from the ESET client.
    7) Select Merge with existing
    :cool: Edit the rule and verify you see the IP Addresses you want to exclude under the Zones tab
    9) Save all changes to your policy

    The updated policy should be able to replicate to all clients, viewable in all client configurations and enforced.
     
    Last edited: Jan 3, 2013
Thread Status:
Not open for further replies.