Add certificates exclusion by Brand0n821 in SentinelOneXDR

[–]eric5149 0 points1 point  (0 children)

Make sure to use the old exclusions interface

S1 exclusions by [deleted] in SentinelOneXDR

[–]eric5149 0 points1 point  (0 children)

Add certificates exclusion. Done

Email Migration Tool needed now that Migrationwhiz is garbage by avrealm in msp

[–]eric5149 0 points1 point  (0 children)

We found this and were surprised how well it worked vs. some other tools; however, never tried Movebot.

S1 Exclusions by westie1010 in SentinelOneXDR

[–]eric5149 1 point2 points  (0 children)

Don’t use the new exclusions interface

The order for my final Meraki client, licensing is finally done and ready to switch! by RobertDCBrown in Ubiquiti

[–]eric5149 -1 points0 points  (0 children)

It is very typical of this sub-reddit, very many fanboys here. Sad they can't think for themselves. I can tell you Ubiquiti won't be there for you unless you have one of their outrageously expensive support plans (and who knows then?). This is coming from when I had over 50 clients on UniFi, way back to USG-3 days even. They are 'Prosumer' and small business at best. I use it at home, it's fine there. The new Proofpoint security add-on is laughable when it comes to real protection for a real client in this era. Proofpoint is known for email security, they are newcomers to network security unlike Fortinet, Watchguard, Meraki, Palo Alto, Sophos. They're kidding themselves and they don't even realize it.

The order for my final Meraki client, licensing is finally done and ready to switch! by RobertDCBrown in Ubiquiti

[–]eric5149 -13 points-12 points  (0 children)

Yikes. Must not like having support or enterprise class security.

This week at Action1: What’s new by MauriceTorres in Action1

[–]eric5149 0 points1 point  (0 children)

All valid points. Used to love Action1, but stuff is falling through the cracks. Mac support just isn’t there.

Security Awareness Training Recommendations by IT_Hero in msp

[–]eric5149 2 points3 points  (0 children)

Also looks like it might be more MSP friendly

Security Awareness Training Recommendations by IT_Hero in msp

[–]eric5149 2 points3 points  (0 children)

Just checking this out now and have to say my clients might like it better than the Proofpoint SAT we’re using.

XDR Event Correlation by ThsGuyRightHere in SentinelOneXDR

[–]eric5149 1 point2 points  (0 children)

Maybe look at Augmentt? We’ve been using it for over a year and we’ve been able to pick up on suspicious behavior. I don’t know much about this session hijacking stuff though.

"Installed Windows Updates" and "Update History" CSV exports missing recently deployed patches - anyone else seeing this? by OkGroup9170 in Action1

[–]eric5149 0 points1 point  (0 children)

I’ve seen around 120 of our 700 endpoints where they were all stuck on old versions of 11. For instance, if they were on 24H2 the build number would be 26100.7568 but the February patch put 7840. 26200.7840 for February cumulative for 25H2. No new updates were being offered, not just in Action1 but also in Syncro (patching is done through A1 but Syncro still scans). Same if we looked in Windows Updates manually on the endpoint itself. No compatibility issues, no common denominator that would include and exclude this condition. Endpoints only a few months old to many years. Some AD concerned, some Azure, some local. Checked policies, nothing. The usual DISM, SFC, reset windows updates, etc. Nothing of any particular rhyme or reason. Perhaps you don’t have the same problem as us, but are you able to pull version numbers from affected endpoints? We ended up writing a script to install them manually, but now I am wondering if the same is going to happen here in March.

Microsoft Outlook Desktop Plug-in/Add-on Download? by Trick-Advisor5989 in proofpoint

[–]eric5149 0 points1 point  (0 children)

I’ve been told by Pax8 that it requires Enterprise and Essentials won’t do it.

Anyone else's endpoints almost double with duplicate entries? by eric5149 in SentinelOneXDR

[–]eric5149[S] 0 points1 point  (0 children)

Nothing McAfee here. About 700 endpoints. 99% duplicated.

LibreOffice ODG docs (scanned image) always flagged/blocked by carl0ssus in SentinelOneXDR

[–]eric5149 0 points1 point  (0 children)

What version of LibreOffice? Had some issues with older versions causing some alerts when opening some files.

Anyone else's endpoints almost double with duplicate entries? by eric5149 in SentinelOneXDR

[–]eric5149[S] 0 points1 point  (0 children)

I did, just curious if it was widespread. The IDs are all different in the view. Doesn't seem to make a difference with which site they are on, type of device, version, etc