How to use F-Secure Endpoint Proxy with a Computer Protection profile

This discussion has a more recent version.
Katriina_M Posts: 445 F-Secure Employee

F-Secure Endpoint Proxy, also referred to as Policy Manager Proxy (PMP) is provided by F-Secure to minimize the bandwidth usage while downloading updates to Computer Protection clients. This proxy caches GUTS2 updates -- the malware signature database. If the PMP is not available, Computer Protection clients automatically fall back to accessing GUTS2 directly.

In this article, we explain how to configure the Policy Manager Proxy and use it with Computer Protection profiles.

  1. Download and install the latest version of F-Secure Policy Manager Proxy:
    • For Windows
      • Download the installer here.
      • When asked for the Proxy Manager Server address, use
    • For Linux
      • Download the installer here.
        Note: Before installing Policy Manager proxy, install the libstdc++ package by running these commands:
        • yum install libstdc++.i686
        • yum install libstdc++.x86_64
      • Configure the proxy:
        • Use the command: /opt/f-secure/fspms/bin/fspms-config.
        • When prompted, provide the server address as
        • Manage F-Secure Policy Manager Proxy manually by typing /etc/init.d/fspms {start|stop|restart|status}.
    1. Check the client updates in the PMP logs:
    • In Linux: /var/opt/f-secure/fspms/logs
    • In Windows: <installation_directory>/F-Secure/Management Server 5/logs
    What the logs mean:
    Log Explanation
    request.log This log lists the requests received from the clients with a response status; for example, a 503 status, means the update is not downloaded from GUTS2 yet, please try again later.
    fspms-serve-updates.log This log lists what was asked by clients. If some updates are missing and requests are received from the client end with a 503 status, the reasons for this are written in this log.
    fspms-download-updates.log This log lists the downloads from GUTS2.
  2. Configure a Computer Protection profile to use the PMP:
    1. Go to Profiles > Computer Protection for Windows tab.
    2. Select the profile that needs modifying, then under General settings find the F-Secure Endpoint Proxy setting.


      This setting represents the local server address set in step 1. Once this profile is assigned to the computer, it can also be verified on the client.

    3. Open the client, then click Tools > Check for updates > View Details.


    4. When the Check for updates window opens, click the View details link.


    5. In Common settings > Updates, in the Update server field (with a PMP address value), check the address, then click Check now.


      The check should execute without any errors.

      Note: The Policy Manager Proxy uses port 80 by default. Make sure this is not blocked by the Windows firewall.