Why is F-Secure changing the technology behind Software Updater?
With this change in technology, we open up the possibility to add Software Updater to other platforms and products. The existing technology was purely for Microsoft Windows, but the new one should make it possible to take it into use elsewhere.
What effect will this have on detections and remediations?
We plan to cover the same range of applications with the new technology, and hopefully even expand on this. Currently the detection is good, so we can alert the administrator of outdated software. Remediating the outdated versions automatically is being worked on constantly, and we aim to be able to patch most products automatically. Unfortunately, this will never be fully possible as some vendors of applications require explicit user logins to their download sites, and we have no way of validating that our customers have valid support agreements with the vendor.
Will it be possible to request support for extra products?
Yes it will be possible to add new software to the supported list, although we must stress that a request is not a guarantee of inclusion. As examples:
- If the software has a limited user base, it would not necessarily be cost-effective for us to add support, so we would prioritize applications that are in use by larger groups of users.
- The software vendor makes it difficult or impossible to detect an outdated version, perhaps by not publishing any information available on this.
When will the old technology stop working?
The old technology will stop working during the early part of 2021, and to make use of Software Updater after that time customers will need to be using new versions of the client software. We advise customers to make the upgrade sooner rather than later.
What do I need to do to take the new technology into use?
For F-Secure Protection Service for Business users, the updated versions will be automatically rolled out to the user base, and the administrator does not need to do anything.
For F-Secure Business Suite users, it’s not as straightforward. This is because the Policy Manager Administrator is responsible for upgrading the clients used in their organization.
Which versions of Business Suite Clients will use the new technology?
- Client Security Premium 12.x and older will not be supported, and customers using those versions should upgrade to a supported version. (14.23 or 15.10)
- Client Security 13.x will be automatically updated to use the new technology
- Client Security Premium 14.x will need to be upgraded to at least version 14.23
- Client Security Premium 15.x will need to be upgraded to at least version 15.10
- Server Security Premium 12.x and older will not be supported, and customers using those versions should upgrade to a supported version (15.00)
- Server Security Premium 14.x will need to be upgraded to at least version 15.00
- Email and Server Security 12.x and older will not be supported, and customers using those versions should upgrade to a supported version (15.00)
- Email and Server Security 14.x will need to be upgraded to at least version 15.00
Do I need to update my Policy Manager?
Yes, an update to Policy Manager is needed to get full benefit of this technology change. The minimum Policy Manager version needed is dependent on the clients in use:
- If you are using any 15.x series clients, then Policy Manager 15.10 or newer is needed
- If you are using any 14.x or 13.x series clients, then Policy Manager 14.43 or 15.10 are needed.
When will the new Business Security versions be available?
We anticipate that the new versions will be released to production during November 2020, and will be formally announced when ready. Beta program participants are already able to try Policy Manager 15.10 Beta and Client Security 15.10 Beta.
Once available, the installers can be downloaded from https://www.f-secure.com/en/business/support-and-downloads
Are there any steps an admin needs to take after updating?
In most cases, there is no need to take additional steps. However, if the administrator has created custom Software Updater filters, these should be checked and amended as needed.
Why are older versions of the Business Suite clients not supporting the new technology?
Versions of F-Secure Business Suite clients before version 13.0 use a totally different technology stack for the whole client, and it is not possible to adapt these to suite the new technology used for Software Updater. As these versions are either already out of support, or will go out of support in the next few months, we feel that we cannot justify the large amount of work needed to match these technologies.
F-Secure Client Security Premium 13.x will be automatically patched to the latest technology when it is ready, without the need for the administrator to do anything. This is possible because of the unique way this particular client version was built.
When will we see the technology used in other platforms and products?
At the moment we have no schedule for when this functionality will be added to other platforms and products, as we want to gain feedback on its use in Windows. This will help us tune the core technology, before committing to it in other products and platforms.