Information about the Channel Upgrade from PSB Workstation client to Computer Protection
For a few months (see ), F-Secure has been working on enabling our partners to perform an automatic upgrade to Computer Protection, which uses a Windows Firewall integration and replaces the PSB Workstation client. The schedule for this automatic upgrade was set by the partner on behalf of their client customers.
On Monday, March 25, 2019 at 14:00 UTC, we published a new version of the channel upgrade. This was intended to follow the schedule previously set by the partners, but due to an unfortunate technical error, the update was immediately rolled out, overriding the partners’ pre-scheduled date. As soon as we became aware of the issue, we prevented further downloads of this upgrade from approximately 16:00 UTC.
For partners who had disabled the Windows Firewall for their clients, we strongly urge you to check the status of your customers’ firewall to ensure that it is enabled in order to protect the security of their devices. This can be done within the Devices section of the PSB Portal.
Here’s what to do:
- If the Windows Firewall has been disabled by a GPO or another 3rd party software while using a PSB Workstation, the admin should first ensure that the Windows Firewall is re-enabled, if they intend to use the firewall functionality of Computer Protection. This status can also be found in the PSB Portal.
- In a few cases where profiles had not yet been migrated, the channel-upgraded computers took the configured default profile for Computer Protection. You can still trigger the migration to convert the profiles, but you then need to assign them manually.
- If your clients are experiencing issues with the firewall blocking connections due to this, follow these steps:
- If there are issues with outbound connections: Add the required outbound rules for blocked protocol. You can also set Allow unknown outbound connections to ON.
- If there are issues with blocked inbound connections: Add the required inbound rules for blocked protocol. You can also set Allow unknown inbound connections to ON to test inbound connections. However, be aware that this will result in the computer being exposed to inbound traffic. Therefore, a better solution is only to open the necessary ports, and if possible, only for the necessary applications.
If you have any questions, please contact F-Secure support via the web or by phone.
We are analyzing the situation and will continue to investigate what remedial steps can be taken to help our partners recover from this situation. We have also added a popup about this issue to the PSB Portal for partners who are on a Solution Provider level.
We sincerely apologize for the inconvenience this issue has caused our partners and their customers.