With F-Secure Client Security installed in the host, the Delphi debugger process does not work or crash
We recommend to do the following workaround:
Add the exclusion for the Delphi software executable (for example, C:\Program Files (x86)\Embarcadero\Studio\17.0\bin\bds.exe, etc.) in DeepGuard under the Advanced View in the Policy Manager Console:
F-Secure DeepGuard > Settings > Excluded Applications (using full file path of the Delphi software executable) F-Secure DeepGuard > Settings > Applications (using a SHA1 hash of the Delphi software executable)
If you are using Client Security 13.10 or older, you shall upgrade to the latest Client Security 13.11 and above to allow Excluded Applications to work. If you are using Client Security 14.00 - 14.02, we recommend you upgrade to the latest Client Security 14.10 to resolve the issue with exclusions.
Launch an elevated command prompt and type the following one after another:
net stop fsulhoster net stop "F-Secure gatekeeper"
Create the following entry below under the registry HKLM\SYSTEM\CurrentControlSet\Services\F-Secure Gatekeeper\Parameters:
DisableCompanionWait(DWORD) = 1
In the elevated command prompt, type the following one after another:
net start "F-Secure gatekeeper", and ensure that the Gatekeeper driver starts successfully. net start fsulhoster
The provided registry change disables a certain optimization in the F-Secure Gatekeeper driver, which are incompatible with software that tries to suspend processes (ie. Delphi debugger). This registry key does not alter the enabled features or other functionalities of the F-Secure product.
Article no: 000003035
F-Secure Client Security 13.x or (Email and) Server Security 12.x installation using MSI Package failed due to "Setup Wizard ended prematurely" error.
The installation error "Setup Wizard ended prematurely because of an error" when running the F-Secure Client Security 13.x or (Email and) Server Security 12.x installation MSI file can be caused by the following:
Ensure the subscription key used during the export of the MSI installation file is correct. Contact your local F-Secure reseller partner to obtain the license certificate with latest subscription key for F-Secure products Verify if there is any conflicting 3rd party software installed in the host
If none of the above helped with the installation issue, proceed to contact F-Secure Customer Support here for assistance.
Article no: 000001448
Configured Application Control for Client Security 13.x hosts in Policy Manager 14.x but it does not stop the applications from launching
F-Secure Client Security 13 version does not support the Application control feature which is the reason why applications are still able to be launched after configuring the feature through F-Secure Policy Manager 14. The Application control feature is supported by F-Secure Client Security version 14 and newer. You will need to upgrade the hosts if you wish to use this feature. F-Secure Client Security 13 supports the Network Access Control feature which prevents unauthorized applications from gaining network access.
Article no: 000016529
Via proxy or direct connection, F-Secure Client Security is not receiving updates from Policy Manager. The following errors are visible in C:\ProgramData\F-Secure\Log\AUA\AUA.log: [ 8068]Thu Aug 30 11:15:32 2018(3): Connecting to http://<Policy Manager IP address>/guts2/ via http proxy <Proxy IP address> [ 3488]Thu Aug 30 11:15:32 2018(3): Update check failed. There was an error connecting http://<Policy Manager IP address>/guts2/ via http proxy Proxy IP address (Server error) Thu Aug 30 11:15:32 2018(3): Connecting to http://Policy Manager IP address/guts2/ (no http proxy) [ 3488]Thu Aug 30 11:15:32 2018(2): Update check failed. There was an error connecting http://<Policy Manager IP address>/guts2. (Unspecified error) Thu Aug 30 11:17:41 2018(3): Connecting to http://Policy Manager IP address/ via http proxy Proxy IP address [ 3488]Thu Aug 30 11:17:41 2018(3): Update check failed. There was an error connecting http://Policy Manager IP address/guts2/ via http proxy Proxy IP address (Server error)
Test the connectivity from the host to Policy Manager Server by using the HTTP and HTTPS protocol:
Open any web browser on the host that has F-Secure Client Security installed. Enter the IP address of the Policy Manager and press Enter. Repeat the test, only this time by using the HTTPS protocol (for example https://192.168.0.10:443/).
If the HTTP (automatic updates) and HTTPS (management agent) connections are working, the web page should display the following information:
If the connection fails, troubleshoot the network connectivity between the host and Policy Manager at your end. Verify whether the host and the server have permission to connect to each and other (for example corporate firewall, proxy). If the intermediate proxy is a PMP instance and the clients are unable to download updates via it, ensure that PMP can connect to the internet directly as the default configuration for the proxy is forward mode. In this mode, updates are downloaded via PMP but from the internet and not from Policy Manager Server. This configuration is controlled by changing the proxy mode to either reverse or forward. Reverse vs. forward modes define whether the virus definitions and software updates are retrieved directly from the internet or from the configured upstream Policy Manager Server or other proxy. Forward proxy is used to minimize traffic between networks, for example between a branch office and HQ. Reverse proxy is used for example in environments where the proxy has no direct connection to the internet, or to minimize the load on the master server (or other forward proxy). By default the proxy is installed in forward mode. Set "-DreverseProxy=true" additional Java argument to switch it to the 'reverse' mode. You can verify whether PMP can download updates by checking the c:\program files (x86)\Management Server 5\logs\fspms-download-updates.log file. The following message is an example of downloading updates failing: 26.03.2019 14:47:44,034 ERROR [c.f.f.s.g.d.DownloadUpdatesService] - Error while checking latest updates org.apache.http.conn.ConnectTimeoutException: Connect to guts2.sp.f-secure.com:80 [guts2.sp.f-secure.com/220.127.116.11, guts2.sp.f-secure.com/18.104.22.168] failed: connect timed out.
Article no: 000006708
The F-Secure Client Security reports that a suspiciously small datagram fragment has been blocked How to get rid of the warning if it is a false positive?
This type of alerts might be related to a DDoS attack. If they appear on a network, they might also be a sign of a broken or wrongly configured router or device in the network, for example a printer. Proceed to investigate the issue on a network level before applying the modification below. In practice packet with a size below 128 bytes are normally considered inefficient (ratio data/data+headers). To get rid of the alert, you can change what the F-Secure firewall considers as the minimum size for a fragment. In Policy Manager, this setting has to be changed by using the Advanced view. Follow these steps:
Log into Policy Manager Console. Select the host or domain from the Domain tree. Go to the Settings tab and select the Advanced view. Navigate to F-Secure Internet Shield > Settings > Firewall Engine > Minimum fragment size. Set the Minimum Fragment Size to 0. Distribute the policy to the hosts.
Article no: 000001900