When an F-Secure endpoint product is installed on a computer or server, there is high CPU usage and applications are experiencing performance issues. The connectivity of some applications can also be slow or blocked completely.
Issue affects all F-Secure clients using Security Cloud:
- PSB Computer Protection (Elements Endpoint Protection for Computers)
- PSB Server Protection (Elements Endpoint Protection for Servers)
- Business Suite Client Security
- Business Suite Server Security
- Business Suite Email and Server Security
By default the product checks the files using the F-Secure Security Cloud. If the connectivity to the Security Cloud is blocked, it may cause degraded performance on the device, since the product will be unable to check the whitelisted files from the cloud and DeepGuard will start to aggressively monitor applications.
You can read more about the purpose, function and benefits of F-Secure Security Cloud from here.
If you have Security Cloud enabled, make sure that the product is able to access the following domain ranges:
If you need a more precise list of addresses, you can view all the required addresses with the F-Secure Connectivity Tool, which is available in the installation folders of Computer Protection, Server Protection, Client Security and Server Security. With the tool you can view the list of addresses and check you connection to them.
Note: For Client Security the tool is available in 15.20 and later versions, and for Server Security 15.10 and later.
The tool is located in the following folder:
- Client Security: C:\Program Files (x86)\F-Secure\Client Security\ui\fsconnectionchecker.exe
- Server Security: C:\Program Files (x86)\F-Secure\Server Security\ui\fsconnectionchecker.exe
- Computer Protection and Server Protection: C:\Program Files (x86)\F-Secure\PSB\ui\fsconnectionchecker.exe
If the host system has in general no internet connectivity, we suggest to disable the F-Secure Security Cloud client:
In case HTTP proxy is needed to reach Internet, you can configure the HTTP proxy for the Automatic Update Agent, via the following setting in the Policy Manager Console:
- Open the Policy Manager Console
- Select the policy domain or host
- Settings > Windows > Real-time scanning > Use Security Cloud [disable]
- Distribute the policy
Below you can find listed a few log examples of errors related to connectivity issues to the Security Cloud:
- Settings (Advanced) > F-Secure Automatic Update Agent > Settings > Communications > HTTP settings > Use HTTP proxy
- Settings (Advanced) > F-Secure Automatic Update Agent > Settings > Communications > HTTP settings > User defined proxy settings > address
.W: SecurityCloud::Query: ORSP failed for 0dac68816ae7c09efc24d11c27c3274dfd147dee (0, 0)
.W: SecurityCloud::Query: Too many successive ORSP failures. Further failure logs will be suppressed
.W: SecurityCloud::Query: ORSP query took 3016ms
.W: fs::rs::WinSocket::Impl::waitForConnection: Wait failed: 258
.W: fs::rs::WinSocket::Impl::connect: Conection timeout: doorman.sc.fsapi.com
.W: Filter2::ContentFilter2State::ReplyDriverMessage: Failed to reply message 2222
transportAgent.log (Email and Server Security only)
.W: FSecure.AntiVirus.Exchange.Transport.FSMessageScanner: Can't get a response from FSSCORE. The following URLs will not be scanned
.W: fs::xrssdk::HttpClient::UpdateQueriesState: failure on handle 0000022A27886290 7 Failed to connect to doorman.sc.fsapi.com port 443: Connection refused
.W: fs::xrssdk::HTTPQueryTask::get_callback::<lambda>: http http task 0000022A2767C200 complete, curlerr 7, http_status 0, httpver 888, size 0
.W: fs::xrssdk::HTTPQueryTask::complete_query: curl error 7 for http task 0000022A2767C200
.W: fs::QueryDoorman: Cannot connect to doorman.sc.fsapi.com
.W: fs::xrssdk::HttpClient::UpdateQueriesState: failure on handle 000001BB7BC90070 7 Failed to connect to a.karma.sc2.fsapi.com port 443: Timed out
.W: fs::xrssdk::HTTPQueryTask::get_callback::<lambda>: http http task 000001BB78526E70 complete, curlerr 7, http_status 0, httpver 888, size 0
.W: fs::xrssdk::HTTPQueryTask::complete_query: curl error 7 for http task 000001BB78526E70
Article no: 000030468