[KB7677] Create IDS rules for client workstations in ESET PROTECT (8.x – 9.x)

Solution

Required user permissions

This article assumes that you have the appropriate access rights and permissions to perform the tasks below.

If you use the default Administrator user or are unable to perform the tasks below (the option is unavailable), create a second administrator user with all access rights.

 Endpoint users: Perform these steps on individual client workstations

Create IDS exclusions in ESET PROTECT

  1. Open the ESET PROTECT Web Console in your web browser and log in.

  2. Click Policies → ESET Endpoint for Windows, then click the ellipses next to the policy you want to edit and click Edit.
Figure 1-1
  1. Click SettingsNetwork ProtectionNetwork attack protection and click Edit next to IDS exceptions.
Figure 1-2
  1. Click Add.
Figure 1-3
  1. Select the Alert, type the Remote IP address (IP address of the machine with the software that scans the network).
    Alternatively, to set up an IDS exclusion for a locally installed application, type the full path to the .exe file in Application (e.g. C:\Windows\system32\cmd.exe).
     
  2. In the Action section, select No from each drop-down menu. Click OKSaveFinish to save the policy. If this is a new policy, assign the policy to the correct groups. After the computers check in, they will get the policy change.
Figure 1-4