Announcement: New Knowledge Base
4 June 2020: We are pleased to announce the launch of a new Knowledge Base, Changelogs for Business Security Products, where you can find more details, such as bugfixes or new features, about the most recent releases of our business-related products.
F-Secure Computer Protection: Main differences compared to Workstation Security 12
Protection Service for Business’s latest generation of endpoint security client is F-Secure Computer Protection. This product is replacing Workstation Security 12 clients that will be End of Life on 31st of March, 2019.
F-Secure Computer Protection has been in production for a year.
F-Secure has now introduced a migration tool that allows the Solution Provider to migrate easily to Computer Protection clients.
Both security clients can be used with the same license key, no change in subscription is required.
Major changes in Computer Protection
- Significantly revised scanning architecture using the latest technology from the F-Secure Lab, including native support for 64-bit technology.
- Unifies behavior of security components and brings the possibility to add new security features more easily in the future.
- Remotely managed Microsoft Firewall.
- Our security experts updated the default Firewall profiles to handle the most significant threats.
- Silent Computer Protection upgrades without the need to reboot the computer allowing regular updates of the client.
- Completely revised update technology, bringing significant reduction in network bandwidth usage.
- MSI package available (see the article Remote Installation of Computer Protection article)
- Uninstallation can be protected by a password configured in PSB Portal
- Many performance and stability improvements.
- Extensible client architecture, allowing easier integration of new features. For example, the premium features and Rapid Detection and Response (RDR) can easily be activated..
- Remote change of subscription key (without client re-installation) from PSB portal. The computer automatically take into use the new product associated with the key (e.g. Computer Protection Premium and RDR). That replaces the ability to change the key from the client.
- Remote isolation of a computer
- Device Control:
- To restrict the usage of USB devices, such as a memory stick or web cam
- Provide visibility to the USB devices of a computer
- F-Secure Endpoint Proxy: It reduces the bandwith usage by caching malware database updates
- Improved visibility in device details view:
- Scan report in portal: If an admin suspect an issue with a Windows computer, he will be able to check the latest scan report (it might be a scan triggered from portal, or scheduled or manual) remotely.
- Active Directory information: Active Directory name, Organizational unit, Domain Components and GUID are visible.
- Domain and Windows name are visible
Active Directory (AD) filtering: By searching an AD domain in the device list view, only the computers using this domain are displayed. A new category for Active Directory is also available
- Remote diagnostic file (fsdiag): In case of problem with a computer, the PSB administrator can select the computer and request a diagnostic file to be uploaded to F-Secure. The administrator should then provide the reference number (available from the device operations tab, or the view fsdiag operation in support page) to F-Secure in a support ticket.
- RMM Support (Remote Management and Monitoring) as described in the article: Computer Protection integration with RMM software
Computer Protection Premium:
The Premium offer can simply be activated by upgrading the subscription or remotely changing the key without any action required on the client. It includes:
- Application Control: Providing fine grain rules to control the applications running on a computer.
- Default security rules to block the most common threats providing yet another layer of defense
- Configurable rules to block or allow applications and scripts
- White and black list
- Monitoring mode to evaluate rules before enforcing them
- DataGuard: Protecting specific folder to block for example ransomware from modifying them
Rapid Detection and Response (RDR)
RDR can simply be activated by upgrading the subscription or remotely changing the subscription key without any action required on the client.
RDR is an automatic advanced threat identification, that allows an IT team or managed service provider can detect and stop targeted attacks quickly and efficiently. It consists of:
- Lightweight sensors monitor your endpoint users' behaviour and stream the events to F-Secure cloud in real-time.
- F-Secure's real-time behavioural analytics and Broad Context Detection™ distinguish malicious behaviour patterns and identify real attacks.
- Visualised broad context and descriptive attack information make confirming a detection easy. F-Secure Partner or your own IT team manages the alerts, and there's an option to elevate tough investigations to F-Secure.
- Following a confirmed detection, our solution provides advice and recommendations to guide you through the necessary steps to contain and remediate the threat.
- Support for Windows Vista: They account for less than 0,2% of our installed base.
- Email and Spam scanning: This is removed due to the generalization of end to end encryption for email and of widespread use of cloud emails.
- Neighborcast: The introduction of F-Secure Endpoint Proxy and the reduction of overall bandwith usagereduces the need for complex solution such as neighborcast.