F-Secure PSB Workstation Security for MAC - some technical questions/remarks

Hi all

 

Some technical questions/remarks on PSB Workstation Security for MAC (after test-driving it for one week on a clean 10.6.8 install):

 

  • Problems with bound Mac's and using network home directories: I see lots of messages like these, several thousand of them. Is this a known issue? (and no, this is not an Office 2011 issue, I see many messages from other documents, too)

30.06.11 00.19.06             com.f-secure.fsavd[61]               Thu 2011/06/30 00:19:06:

getxattr("/Network/Servers/macserver/Shared

Items/Homes/dummy/Documents/Microsoft User Data/Office 2011 AutoRecovery/AutoRecovery save of 20110703 Doc...

.docx") failed with error: 22

30.06.11 00.19.06             com.f-secure.fsavd[61]               Thu 2011/06/30 00:19:06:

Bypassing /Network/Servers/macserver/Shared

Items/Homes/dummy/Documents/Microsoft User Data/Office 2011 AutoRecovery/AutoRecovery save of 20110703 Doc... .docx because is_quarantined failed.

 

  • is there any way to add an exclusion list (like folder-based)? if not - it should be ... we use Wine-based apps quite often and some of them simply crash after installing PSB for Mac
  • there should be the possibility to permanently turn off the firewall, as far as I can see F-Secure turns the firewall on every time the computer starts (or even more often). With some "Locations", having the firewall turned on disrupts the service...

Best

Maurice Wörnhard

Cartagena as, F-Secure Silver Partner

Best Answer

Comments

  • CartagenaCartagena Posts: 18

    Hello Dimtry. Thanks for your answers. Looks like the Mac version is technically not very "mature", but hey it's a start.

     

    The main problem with the tons of log messages is that Console.app basically becomes useless since it's not possible to exclude patterns thru the GUI. So IMHO F-Secure show fix the log behavior - either write to a different log file or give the sysadmin/user the chance to ajust the verbosity of logging.

     

    In the meantime, here is a hint on how to ignore these messages: this article here gave me the general procedure for ignoring messages. So I put the following filter in at the top of my asl.conf: "? [= Sender com.f-secure.fsavd] ignore". (See comment 1 for a procedure to prevent the log to be written to /var/log/system.log - it did not work for me).

     

    /Maurice

  • Thanks for the informative post. This one really helped a lot. image

This discussion has been closed.