ESET Rogue Detection Sensor policy settings

It is possible to change the behavior of ESET RD Sensor using a policy. This is mostly used to change the filtering of addresses. You can, for example, include certain addresses in the blacklist so they are not detected.

Click Policies and expand Custom Policies to edit an existing policy or create a new one.

Filters

IPv4 Filter

Enable IPv4 address filtering - By enabling filtering, only computers whose IP addresses are part of the Whitelist in the IPv4 filter list will be detected, or only those that are not part of the Blacklist.

Filters - Specify whether the list will be a Whitelist or Blacklist.

IPv4 address list - Click Edit IPv4 list to add or remove addresses from the list.

MAC address prefix filter

Enable MAC address prefix filtering - By enabling filtering, only computers whose MAC address prefix (xx:xx:xx) addresses are part of the  MAC address list will be detected, or only those that are not part of the Blacklist.

Filtering mode - Specify whether the list will be a Whitelist or Blacklist.

MAC address prefix list - Click Edit MAC prefix list to add or remove a prefix from the list.

Detection

Active detection - Enabling this option will allow the RD Sensor to search the local network for computers actively. This can improve search results but it can also trigger firewall warnings on some machines.

OS detection ports - RD Sensor uses a pre-configured list of ports to search the local network for computers. You can edit the port list.

Advanced Settings

Diagnostics - Enable or disable the submission of anonymous crash report statistics to ESET for the improvement of customer experience.

Assign

Specify the clients that will receive this policy. Click Assign to display all Static and Dynamic Groups and their members. Select the computer that you want to apply a policy on and click OK.

Summary

Review the settings for this policy and click Finish.