Announcement

Collapse
No announcement yet.

Again.. How can I approve these instead of the client from the portal?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Again.. How can I approve these instead of the client from the portal?

    A client gets the following warning and has to select an option:
    1.png
    When selecting 'Allow' it won't go away and keeps getting back.

    I can't find any recordings in the logs and can't whitelist or accept for this device from the portal(!).

    Can this be fixed because I think that for a managed security platform this is crucial.
    (See other post regarding these untraceable detections..)


  • #2
    Again, I got a call from 2 different clients with similiar HIPS warnings regarding different files.
    But... on the portal I can't find them in any logs and can't whitelist, blacklist, retrace the message..

    I'm for sure that I'm not the only one..

    Itarian, please comment. How can this be fixed and how can I see ALL the detected warnings that the users are getting.
    As a managed system, I should see them also and interact with the Security Client, and not the user.

    I keep posting these questions but get no answers..

    Comment


    • #3
      Hi ailan,

      Sorry for the delayed response. Can you please check your Inbox for a private message and provide the requested details.

      Kind Regards,
      PremJK

      Comment


      • #4
        Hi PremJK,

        Thanks. I will try to get the HIPS-logs from the device tomorrow.

        But I want to note that there are a lot more entries not being logged and viewable from the portal.

        So it would be strange that this isn't noticed or known by the back-end team.

        In brief: every action-window that the user gets, should be logged and viewable by the admin also so we/the admin, can whitelist/blacklist the requested threat.
        As this is a managed security platform.

        Regards.

        Comment


        • #5
          hello ailan ,

          Currently HIPS logs can not be seen from the portal. We already have this feature on our roadmap, and it is currently under refinement process. We will share a possible ETA about this.

          Best regards,
          Ilgaz

          Comment


          • #6
            Hi ilgazy,

            Thanks for your post.

            This is another basic function that's missing and still not implemented after this time.
            Can you tell when we can expect all the detected threats visible in the portal?
            Hopefully not after months/years like other implementations because this is a crucial part of a managed security platform.
            I couldn't find it on the Roadmap..

            PremJkumar: I don't think you need the HIPS logs anymore as it's already a known issue?

            Regards

            Comment


            • #7
              Hi ailan,

              We are trying to find a workaround till the feature gets implemented. Can you please share the screenshot of HIPS settings configured on the device

              2021-10-21_18-13-44.png

              Kind Regards,
              PremJK

              Comment


              • #8
                Hi PremJkumar,

                That would be great.
                Hereby the settings for this client:
                1.png

                Note: For this client I haven't enabled the 'Do not show popup alerts' on purpose because of all the errors they had in the past.
                It's a dental office and a lot of times their programs were blocked and they couldn't work and lost scanned images and work.
                That's why it should be handy if I could also see the detected warnings and white-/blacklist programs/files.

                If you need more info, please let me know.

                Comment


                • #9
                  Hi ailan,

                  Thanks for your information. Please share HIPS logs, so that I check with the backend team and update you on their findings.

                  Kind Regards,
                  PremJK

                  Comment


                  • #10
                    Hi PremJK,

                    I contacted the client and unfortunately they're not available for now.
                    When they're online, I will export the logs and send them as requested.
                    Thanks for now.

                    Comment

                    Working...
                    X