Central Policy Management Server and proxy's for distribution of policys and software?

falkowich · January 2017

Hi,

We are working on a new installation with fspms 12.x and "Scanning and Reputation Servers".

So my plan was to put the policy server on a secure network, and have proxys to talk to the clients.

The scanning and reputation servers are on a client facing network too.
But It seems that it isn't any new installations packages for policy proxies in linux.
Is it a "dead" product?

How do you guys recommend a secure setup with segmented networks and a central policy manager?

--
Regards Falk

etomcat · January 2017

Hello,

Please realize that F-Secure products need access to the ORSP cloud server farms, which are located on the public net. Without them there are no reputation look-ups, thus protection level is about 40% lower, especially against newly emerging threats. Isolated / segmented networks are no longer friendly to anti-virus defences, because detection has moved from static databases to online reputation.

Otherwise, F-Secure Policy Manager Proxy has nothing to do with Policy Manager, the name is misleading. It simply distributed the static virus scanning engine databases. I consider it an obsoleted product, some partners use unconfigured Policy Manager Server instanced instead of them.

Best Regards: Tamas Feher, Hungary.

falkowich · January 2017

Tnx,

I "was afraid" of that

So the most effective way for this setup is a fspms with:
- Connection to Internet
- Connection to all networks that use AV (ip/portxxxx) ("dedicated AV network")

--
Regards Falk

Central Policy Management Server and proxy's for distribution of policys and software?

Comments

Categories