David_Carro
Hi!
Send me the actual username, and email address used to access WG cloud.
And if you do have the account ID, that will be perfect. After I receive all that info, I will send it to Customer services.
Regards,
David
Comments
-
Hello, As commented before, It would be more helpful to open cases to our support department, in order to study them, so we can provide customised solutions to each case.
-
My advice, then, would be to open a case to techsupport, so we can study this specific case, and provide a personalised solution.
-
Hello, @SecureMind Please check the top right corner for your online console. There is a bell, for notifications. Please check if you do have the upgrade to latest version available. If so, please apply the upgrade to your console, after reading our upgrading good practices suggestions:…
-
Hello All, When we deployed Decoy Files Feature, we had some false detections due to programs interacting with our decoy files. Those where solved by changing the conditions for triggering detections If at this point in time, you do have detections on the decoy files, we do have to study the cases independently, as it…
-
Hello @lukjrl I am afraid we do not have something like you are asking. Changes on the console will take something between a few seconds to 5 minutes the most. If it takes more that that it will be due to factors outside our reach, like network settings, bottlenecks, resources available on the device or network, etc. You…
-
Hello, S_Matt, I will contact you via PM asap. DAvid
-
Hello, LHD, Please open a case to support@watchguard.com in order to study your specific case, but if the detection is due to malware or PUPs, you will have to create exclusions for those detected files. Regards, David
-
You can use the msiexec commands for uninstalling, and checking the uninstall string on the registry for the product. You will have to use two commands, as agent and protection do have different uninstalling strings on the registry. And this will not work if you have the uninstalling password enabled on the online console.…
-
Hello, Bruce_Briggs Please check he devices to be discovered are on the same subnet than the discovery device. Check they are using private IPs, as we do not search over public IPs try to ping the devices, that could give you a clue on why is not working, as maybe they are unreachable. This is not determinant, but might…
-
Hi, ottl05, Please create a support case by clicking on the support center link at the top of this page. Please include your client ID and contact info so we can study your case in depth. Kind Regards, David
-
Hello, Chris_Kelly At this point you can exclude paths and folders using the instructions on the help url: https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Endpoint-Security/manage-settings/exclude-files-paths-from-scans.html Those are the rules accepted to exclude any file/path/extension. If you have…
-
Dear Stewy you still have the ability to perform scans from the online console. Access the EPDR console, click on the Tasks tab, and at the top right click on Add Task--> scheduled scan. There you will be able to set up an immediate or scheduled scan to one or as many devices as you need. Hope this helps.
-
Hello Robert, Please send the EDR core version running on your devices. Also check if there is an upgrade available: Access the online console for the EDR core. At the top right there is a bell, and it might be having some notifications available. check if you can upgrade to the latest available on your console. Once…
-
El acceso de los usuarios de soporte se da de forma general para un cliente y todos sus productos, no se puede hacer discernimiento sobre a que productos puede dar soporte o no. Pero puedes presentarlo como sugerencia, en la parte superior derecha de la consola de endpoint de la WG cloud, tienes un botón para enviar…
-
Hello, Eagsyn. Is this for a reason in particular? Becasuse devices are continuously communicating with the online servers for various reasons. here you can check what are those timely comunications and why are they uploading/downloading info from the cloud: RegisterPerformMandatory (Backend server registry): Every hour…
-
Hello Travis TDR has been discontinued, yes. And EPDR has got the EDR module (Called Advanced Protection on the online console) on it, so you are very well protected, if I can say so. David
-
PM sent. Please check your PM inbox Have a lovely day, David
-
Hello Mermet Our recommendation would be to change to EPDR which does have the new EDR integrated in a more interactive form, as in the Advanced Protection module, so you can have all the benefits in one single product. But best to know your needs is to contact our commercial department to discuss needs and offers…
-
Keep us informed, let us know if this solved your issue! ;)
-
Hi, SMSytems But you do not want to exclude the extensions, but the filename: wgua_critical_file All the files on the folders start with the same name: https://wgt-my.sharepoint.com/:i:/g/personal/david_carro_watchguard_com/EYY9qtsEARdDg5CBTnK22NIBNAxcTkjwg9V0cO5lB2Mc1Q So just exclude the common name in all of them, and…
-
I have just send a PM to you, let me know if you do have any further issues. David
-
No It cannot be changed, but OneDrive can be setup so this files will not be sync with the cloud: OneDrive for Business: You can configure exceptions using group policies. https://docs.microsoft.com/en-us/onedrive/use-group-policy This would be the particular group policy item to configure: Exclude specific kinds of files…
-
Hi, markhudy When a user opens a session on a TS, the profile folders for that session are stored on the TS. So, if you have access to the TS itself, install the product on the TS device, and all files created on it will be protected. In other words: if you install the protection on the TS device, all session files created…
-
Hello, RadleaTom, If decoy files is disabled and you do still have the wgua_critical files folders, you can delete them, yes. David
-
hello, @SMSystems Access the online console for this client. Access the tab "Settings" Select "Workstations and Servers" on the left hand side. Now select the profiles affected by this blockage. Expand the General option. There you can exclude from analysis the file for opening the PUREVPN app. Much better if you do…
-
Hello, @davide_evomatic Please try this before opening the case: First, update the OS through windows updates. then check the local root certs on the machine and add/update them: Download and extract the contents for the file CertCheck.zip https://www.pandasecurity.com/resources/tools/certcheck.zip Password is panda (all…
-
Hi, @kcarpenter. Normally this tmp file is created by us in order to generate a contextual detection. It is called a dummy file to make the AV detect something through ourselves. (hope that makes sense) Probably it is some call for an unwanted and "un-liked" procedure, and we are stopping the call. As @"james.carson" says…
-
Sorry fo the size of the screenshot. But it is good to get feedback from you, as next time, It will be of a correct size. Cheers!