Business Suite

Sort by:
Issue: Visible effects: Windows Server operating system with Server Security 14.00 installed is hanging Windows Desktop operating system with Client Security 13.00 or newer installed is hanging Resolution: UPDATE: The issue related to F-Secure Ultralight Core Update 2019-10-01_01 has now been fixed in the latest Ultralight Core Update, which is available as an automatic update by name  F-Secure Ultralight Core Update 2019-10-22_01. However, if you are still facing similar issues after the update fix, this may happen if F-Secure product have F-Secure Security Cloud Client enabled, but don't have access allowed to fsapi.com address. To resolve this issue, make sure that you have allowed access to fsapi.com from your environment. In case you have isolated environment, or otherwise cannot allow access to fsapi.com, disable F-Secure Security Cloud Client via Policy Manager Console: Log in to Policy Manager Console. Go to Settings tab. Select Advanced view. Navigate to: F-Security Security Cloud Client > Settings > Client is enabled. Select No from the drop-down menu. Make sure that the setting is locked. Distribute policies (CTRL-D). In case you should not have restricted network access, or if above steps didn't help, contact F-Secure support for further assistance. Article no: 000016583
View full article
Your computer is protected with predefined firewall settings. Usually, you do not have to change them. However, you may have to change the settings,...
View full article
If you have installed Client Security on hosts that do not have a network connection, you can update the malware definitions using the tool provided...
View full article
This article describes how you can allow file sharing with F-Secure firewall turned on.
View full article
The following steps describe Policy Manager Proxy node installation for both Windows and Linux.
View full article
F-Secure has released a new generation engine for one of our core scanning engines, which, at F-Secure, we call Capricorn. The engine change brings...
View full article
To be able to combat the more adaptive and targeted attackers of the future even better, F-Secure has made a significant engine update.
View full article
This article describes how you can configure the MyNetwork rule in F-Secure Policy Manager.
View full article
This article explains how you can collect an MBR rootkit sample for F-Secure Labs to analyse.
View full article
There are several ways to get the Hardware ID for a device for the Device Control rules; Using Device Control statistics or Windows Device Manager.
View full article
The firewall drops some frames during network communication, preventing proper operation of third-party applications.
View full article
After having installed the F-Secure product on several workstations in the network, you notice that the Windows login is taking longer than usual,...
View full article
When deploying cloned virtual machines from a template, Policy Manager identifies them as identical machines even when each machine is configured to...
View full article
Next-gen proxy is a role of Policy Manager Server, in which it proxies certain requests to Master Server while serving BackWeb and software updates...
View full article
To find out the latest information about the Client Security for Mac 13.x release, read carefully the Release Notes for the product.
View full article
This article lists the system requirements for Client Security for Mac 13.
View full article
F-Secure Client Security 13.10 (Windows) was released on December 20, 2017.
View full article
Before you install the product, we recommend that you review the sections in the following document (release notes) to make sure that your network,...
View full article
This article provides you with information about the Ilauncher command line parameters.
View full article
This article provides information about the firewall rules needed for Microsoft ActiveSync. It also gives instructions on how to configure the...
View full article
Application Control and the firewall
View full article
Policies are product configurations created on F-Secure Policy Manager and automatically picked up by the client machines. They define the settings of...
View full article
This article provides information on how you can exclude files from scanning by using wildcard characters in the F-Secure antivirus products.
View full article
This article explains how the Launch Scan After Update functionality works for the Anti-Virus component.
View full article
This article explains how the intermediate server failover time setting found in F-Secure Automatic Update Agent (FSAUA) works.
View full article
This article describes how you can use ilauncher.exe with a limited user account to install the F-Secure software.
View full article
You can reset the host UID by using FSMAUTIL (F-Secure Management Agent Utility). One way to do this would be adding a command to the user login...
View full article
Starting from version 13.00, Business Suite products are switching to GUTS2 as a replacement for BackWeb to download virus definition updates. From...
View full article
There are various malware monitoring opportunities available provided both by F-Secure and the operating system.
View full article
This article describes what logic Automatic Update Agent (AUA) uses to prioritize its updates fetch.
View full article
This article contains some pointers about installing F-Secure Client Security and F-Secure Policy Manager. It is intended for use by technical staff...
View full article
This article explains what firewall packet logging is and how to use it.
View full article
Issue: Via proxy or direct connection, F-Secure Client Security is not receiving updates from Policy Manager. The following errors are visible in C:\ProgramData\F-Secure\Log\AUA\AUA.log: [ 8068]Thu Aug 30 11:15:32 2018(3):  Connecting to http://<Policy Manager IP address>/guts2/ via http proxy <Proxy IP address> [ 3488]Thu Aug 30 11:15:32 2018(3):  Update check failed. There was an error connecting http://<Policy Manager IP address>/guts2/ via http proxy Proxy IP address (Server error) [12232]Thu Aug 30 11:15:32 2018(3):  Connecting to http://Policy Manager IP address/guts2/ (no http proxy) [ 3488]Thu Aug 30 11:15:32 2018(2):  Update check failed. There was an error connecting http://<Policy Manager IP address>/guts2. (Unspecified error) [10736]Thu Aug 30 11:17:41 2018(3):  Connecting to http://Policy Manager IP address/ via http proxy Proxy IP address [ 3488]Thu Aug 30 11:17:41 2018(3):  Update check failed. There was an error connecting http://Policy Manager IP address/guts2/ via http proxy Proxy IP address (Server error) Resolution: Test the connectivity from the host to Policy Manager Server by using the HTTP and HTTPS protocol: Open any web browser on the host that has F-Secure Client Security installed. Enter the IP address of the Policy Manager and press Enter. Repeat the test, only this time by using the HTTPS protocol (for example https://192.168.0.10:443/). If the HTTP (automatic updates) and HTTPS (management agent) connections are working, the web page should display the following information: If the connection fails, troubleshoot the network connectivity between the host and Policy Manager at your end. Verify whether the host and the server have permission to connect to each and other (for example corporate firewall, proxy). If the intermediate proxy is a PMP instance and the clients are unable to download updates via it, ensure that PMP can connect to the internet directly as the default configuration for the proxy is forward mode. In this mode, updates are downloaded via PMP but from the internet and not from Policy Manager Server. This configuration is controlled by changing the proxy mode to either reverse or forward.  Reverse vs. forward modes define whether the virus definitions and software updates are retrieved directly from the internet or from the configured upstream Policy Manager Server or other proxy. Forward proxy is used to minimize traffic between networks, for example between a branch office and HQ. Reverse proxy is used for example in environments where the proxy has no direct connection to the internet, or to minimize the load on the master server (or other forward proxy). By default the proxy is installed in forward mode. Set "-DreverseProxy=true" additional Java argument to switch it to the 'reverse' mode. You can verify whether PMP can download updates by checking the c:\program files (x86)\Management Server 5\logs\fspms-download-updates.log file. The following message is an example of downloading updates failing: 26.03.2019 14:47:44,034 ERROR [c.f.f.s.g.d.DownloadUpdatesService] - Error while checking latest updates org.apache.http.conn.ConnectTimeoutException: Connect to guts2.sp.f-secure.com:80 [guts2.sp.f-secure.com/2.21.76.146, guts2.sp.f-secure.com/2.21.76.152] failed: connect timed out. Article no: 000006708
View full article
Issue: DNS resolution for certain sites are blocked with the product installed. How to avoid this from happening? Resolution: Most likely the DNS resolution is blocked by the Botnet Blocker feature. The site is rated as unsafe and hence blocked by the feature. You need to do the following: 1. Share the URL with the Labs team, for further investigation. The Labs team will whitelist the URL if the site is not malicious: https://www.f-secure.com/en/web/labs_global/submit-a-sample#sample-url 2. Whitelist the blocked site or the IP address of the blocked site via the Advanced View in the PM Console at: ======================================================================== * F-Secure Browsing Protection > Settings > Reputation Based Protection > Trusted Hosts * F-Secure Browsing Protection > Settings > Reputation Based Protection > Trusted Sites ======================================================================== Article no: 000003887
View full article
Issue: How to migrate from Client Security to Computer Protection using Policy Manager? Resolution: Kindly follow the steps explained here on migrating from Client Security to Computer Protection using Policy Manager Console. NOTE: The bs2cp_psb*.jar file that needs to be downloaded is dependable on which F-Secure PSB portal you have your F-Secure PSB Computer Protection subscription in and not the region where you are located. EMEA: https://emea.psb.f-secure.com/ AMER: https://amer.psb.f-secure.com/ APAC: https://apac.psb.f-secure.com/ EMEA2: https://emea2.psb.f-secure.com/ EMEA3: https://emea3.psb.f-secure.com/ Your login credentials will only be applicable to one of these portals, therefore, the bs2cp_psb*.jar file is dependent on this. Article no: 000007334
View full article
Issue: When I try to create Offline MSI installer via the FSMSI tool I get the error "FsMsiTool is not recognized as an internal or external command."  Resolution: You have to execute the FSMSI tool command from the directory where the tool is copied to or else you will get the error.  Article no: 000014777
View full article
Issue: The F-Secure Client Security reports that a suspiciously small datagram fragment has been blocked How to get rid of the warning if it is a false positive?  Resolution: This type of alerts might be related to a DDoS attack. If they appear on a network, they might also be a sign of a broken or wrongly configured router or device in the network, for example a printer.  Proceed to investigate the issue on a network level before applying the modification below. In practice packet with a size below 128 bytes are normally considered inefficient (ratio data/data+headers). To get rid of the alert, you can change what the F-Secure firewall considers as the minimum size for a fragment.  In Policy Manager, this setting has to be changed by using the Advanced view. Follow these steps:   Log into Policy Manager Console. Select the host or domain from the Domain tree. Go to the Settings tab and select the Advanced view. Navigate to F-Secure Internet Shield > Settings > Firewall Engine > Minimum fragment size. Set the Minimum Fragment Size to 0. Distribute the policy to the hosts. Article no: 000001900
View full article
Issue: How to create a custom firewall rule (service)? Resolution: To create a custom firewall rule over the Policy Manager Console: For Client Security 14 Open the Policy Manager Console and go to the Settings-tab Go to Firewall, using Standard view (changeable in the upper right corner) Make sure the 14.X clients-tab is selected Select the profile you want to edit from the Profile being edited-dropdown menu (if the list only contains the default profiles, clone the one you want to use as a base as the defaults can't be modified) Click Add rule on the right of the firewall rules list and create the rule as needed (see step 6 if the service required is missing) If the service you want to add is missing, click on Configure network services below the firewall rule list. Click Add and follow the steps to add a new firewall service Check the Enabled-checkbox to the left of the rule name to make sure that it is in use Distribute the new policy by clicking the symbol in the upper left corner of the interface, or by pressing Ctrl+D For Client Security 13 Open the Policy Manager Console and go to the Settings-tab  Go to the Advanced view Select F-Secure Internet Shield  Go to Settings and select Services Press Add and create a custom rule Go to Rules and select the firewall Security Level you want to work with Press Add before/Add after and select the rule you have created Distribute the new policy by clicking the symbol in the upper left corner of the interface, or by pressing Ctrl+D Note: Make sure, that the correct Security Level is assigned to the workstations: <F-Secure Internet Shield>Security Level> Active Security Level>. To create a custom firewall rule locally on the workstation: In Client Security 14 In versions 14.00 and later, rules are added through the Windows firewall settings. You can reach them through the Client Security user interface: Open F-Secure Client Security Click on Tools Click on Firewall settings Click on the Change Windows Firewall settings...-link to be brought to the Windows firewall settings In Client Security 13 Open F-Secure Client Security Go to Settings and select Internet Connection Go to Firewall and select Services Press Add and create a custom rule Go back to Firewall and select Rules Select the firewall Security Level you want to work with Press Add and select the rule you have created Press OK Additional information can be found here: https://community.f-secure.com/t5/Business-Suite/How-do-I-create-a-custom/ta-p/116212 https://community.f-secure.com/t5/Business-Suite/How-do-I-create-a-custom/ta-p/116213 Article no: 000002698
View full article