Major Features in this Release
This is a beta release of Linux Security 64. This release introduces a new on-access scanner for continuous protection against viruses and potentially unwanted applications. In addition, Linux Security 64 features a system integrity checker for protection against unauthorized system modifications. The product also supports manual scanning of files.
Supported Platforms
Linux Security 64 supports the following Linux distributions:
- CentOS 7
- RHEL 7
- Oracle Linux 7
- Amazon Linux 2.0
- Debian 9
- Ubuntu 16.04
- Ubuntu 18.04
Dependencies
Linux Security 64 requires the following packages to be installed before installing the product:
CentOS, RHEL, Oracle Linux, and Amazon Linux
Debian and Ubuntu 16.04
Ubuntu 18.04
Installation
Installing Linux Security 64 happens by first creating an installation package using Policy Manager and installing the product from the newly-created installer on the target machine.
Please, note that you will need the Policy Manager version 14.20 to be able to install and manage Linux Security 64.
- Configure the Policy Manager Server to use F-Secure beta GUTS2 server:
- Log into a host with Policy Manager Server 14.20.
- Stop Policy Manager Server by running
systemctl stop fspms. - Remove everything from
/var/opt/f-secure/fspms/data/guts2/. - Open file
/etc/opt/f-secure/fspms/fspms.conf and add -Dguts2ServerUrl=http://guts2tp.sp.f-secure.com to additional_java_args config parameter. - Start Policy Manager Server by running
systemctl start fspms - Click import.
- Select Linux Security installation package you want to use and click Import.
- Select the imported installation package in the packages list and click Export.
- Specify a name and a folder for the exported zip file. A Remote Installation Wizard window will appear.
- Click Next.
- Create the installation package:
- In Policy Manager Console, select Tools > Installation Packages from the menu. This opens the Installation Packages window.
- Enter your license keycode for the product and click Next.
- Adjust the address of your Policy Manager Server and it’s HTTP and HTTPS ports if you need and click Finish.
- Extract the zip file into an empty directory.
- Run the following command:
bash f-secure-linuxsecurity/f-secure-linuxsecurity-installer - Read and accept the license terms when prompted.
- After the installation process finishes, Policy Manager Console will shortly show the Linux host in Pending hosts list.
- Install the product:
- Log into the Linux host as root.
- Make sure you have the prerequisites installed (refer to dependencies section above).
- Copy the exported zip file to the Linux host in your network.
Uninstallation
You can uninstall the product from the command line.
- Log in to the Linux host as root.
- Run the uninstallation command:
- RHEL-based distributions:
rpm -e f-secure-linuxsecurity - Debian-based distributions:
dpkg -r f-secure-linuxsecurity
Known Issues
- CSLP-3285: Manual and scheduled scanning are present on the GUI but currently are not operational. You can use the “fsanalyze” command to perform manual scanning from the command line.
- CSLP-3288: Fsdiag generation does not work from the GUI. Use the command-line tool directly on the node, instead.
- CSLP-3286: The update service currently does not generate alerts in case of failures.
- CSLP-3291: Service status and statistics are currently not displayed in the policy manager UI.
- CSLP-3289: Alerts are not mirrored in the system log.
- CSLP-3292: Specifying special files or files in /proc and /sys in manual scanning may hang the product.
- CSLP-3293: Debian-based systems are shown as "Unknown" in the Policy Manager Console.
- CSLP-3309: Uninstall leaves 'fsaccd' process running. As a workaround, kill the fsaccd main process manually.
- A re-install will fail if the process is still running.