Nod32 version 4 and ERA - HTTP exclusions

Discussion in 'Other ESET Home Products' started by iternalnetworks, Sep 30, 2010.

Thread Status:
Not open for further replies.
  1. iternalnetworks

    iternalnetworks Registered Member

    Joined:
    Sep 24, 2010
    Posts:
    6
    Location:
    Las Vegas
    I need to exclude an internal website in ERA for a clients site from being scanned by Nod32 version 4. I know there is a setting in the advanced configuration under "Web Access Protection" > "HTTP Address Management", but I can't find anywhere in the Policy Manager of ERA to allow those exceptions. Can someone point me in the right direction or give me another suggestion?

    Thanks,

    Mike
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Since the HTTP/POP3 scanners are effectively part of the personal firewall even in EAV, you'll find the respective settings under "ESET Smart Security, ESET NOD32 Antivirus" -> "Personal firewall" -> "List of URL addresses excluded from filtering"
     
  3. iternalnetworks

    iternalnetworks Registered Member

    Joined:
    Sep 24, 2010
    Posts:
    6
    Location:
    Las Vegas
    That will exclude all scanning of traffic to/from that address without any other settings changed?
     
  4. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Right.
     
  5. iternalnetworks

    iternalnetworks Registered Member

    Joined:
    Sep 24, 2010
    Posts:
    6
    Location:
    Las Vegas
    I'm still having an issue with this particular client. I have set the filtering mode to "Automatic mode with exceptions" and have added the IP address of the internal server to the list of URL addresses excluded from filtering in ERA and applied the policy, however they still aren't able to load the website from that server. All they get is a blank screen. If I access the advanced settings for Nod32 AV on the computer and disable HTTP checking then it works fine.

    I would rather not have this feature disabled.

    Thanks,

    Mike
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Could you please capture the http traffic using Wireshark, one log with HTTP filtering enabled and one with the filtering disabled? When done, compress the logs, upload them somewhere and PM me the link.
     
  7. Jdeane

    Jdeane Eset Staff

    Joined:
    Jul 18, 2007
    Posts:
    82
    Location:
    UK
    This is for v3 clients, for v4 clients you need to set the option in:-
    "ESET Smart Security, ESET NOD32 Antivirus" -> "Personal firewall" -> "Web access protection" -> "HTTP address management"

    This might be why your clients are not taking the option correctly.
     
Thread Status:
Not open for further replies.