Business Suite

Sort by:
Issue: When installing F-Secure Policy Manager 14.x, user receives the following error after clicking Next on the Configure ports page: Error: "The Host Module HTTPS port number specified is already in use."   Resolution: If the port you have chosen for F-Secure Policy Manager communication is in use by other services (e.g Microsoft webserver), thus causing a conflict, you can solve the issue by changing the port F-Secure Policy Manager will use or by deactivating the service causing the conflict or changing the port that service is using.    Article no: 000018483
View full article
Issue: How to export the Device Control hardware devices list in Policy Manager 14.x in CSV format? Resolution: Follow these instructions to export the Device Control hardware devices table as CSV: Highlight the policy domain from the Domain Tree  Go to the Settings tab and select Advanced View Navigate to F-Secure Device Control >  Settings > Devices > Hardware Devices Right click table and choose Export table content Article no: 000018777
View full article
Issue: What is considered "new infection" in the F-Secure Policy Manager Web Reporting view? Resolution: Log on to your F-Secure Policy Manager Console Select the Policy domain   or Host   /   you want to edit Switch to the Alerts tab Every item in the list, which is not marked as "read" will be considered as "new" in the Web Reporting Note: As long as an item in the Policy Manager Console Alerts list is not marked as "read", it will appear in the Web Reporting in the list for "New top 10" and "New infection details". Article no: 000018681
View full article
Issue: We have several F-Secure Scanning and Reputation Servers (SRS) to handle load balancing. How to check how many hosts are connected to each SRS server?  Resolution: The amount of connected hosts can be checked through the F-Secure Policy Manager 14.x advanced status view: Log in to Policy Manager Console  Select the SRS server from the Domain Tree Go to the Status tab and select Advanced view Navigate to F-Secure Scanning and Reputation Server > Statistics > Server > Connected hosts Here you can see how many hosts are connected to the selected SRS server. Article no: 000018602
View full article
Issue: We used to be able see in the Policy Manager Console Alerts list frequent alerts with the source being F-Secure Anti-Spyware. After upgrading to F-Secure Client Security 13 or newer such alerts are not being sent from the clients. Where can we see events from the F-Secure Anti-spyware module? Resolution: The F-Secure Anti-Spyware reporting has been integrated to F-Secure Anti-Virus in F-Secure Client Security 13 and newer versions. If you have for example F-Secure Client Security 14 installed on your clients, any Anti-Spyware alerts are reported to Policy Manager Console, the source will be shown as F-Secure Anti-Virus.   Article no: 000018481
View full article
Issue: Does F-Secure Policy Manager create and maintain an audit log for user and admin activity? For example for these events: User login / logoff Host deletion  / add / rename events Policy sub-domain deletion / add / rename events  Change of policy settings Resolution: The F-Secure Policy Manager server logs can be found in the following folder: C:\Program Files (x86)\F-Secure\Management Server 5\logs The user login actions are not recorded, but there are 2 logs that record actions made by the users while logged in to the console. Changes made to policy settings: fspms-policy-audit.logs Changes made to the Policy domain computers/servers or specifically changes made to the policy domain structure: fspms-domain-tree-audit.logs Q: How to find out who deleted a policy sub-domain in Policy Manage Console? A: This information is available in the fspms-domain-tree-audit.logs. Below is an example, where a sub-domain called test was added and immediately deleted. 05.12.2019 09:44:17,785 INFO [audit.domainTree] - User 'admin' added domain test (id=76) to domain Root (id=1) 05.12.2019 09:44:23,615 INFO [audit.domainTree] - User 'admin' deleted domain test (id=76)   Article no: 000007129
View full article
Issue: Sub admins imported via active directory gets the error "No existing transaction found for transaction marked with propagation 'mandatory'. To get back to the Web Reporting main page click here" when they select any host on their domain structure in Policy Manager 14.20 Web Reporting. Resolution: A hotfix has been created that will resolve the issue. The fix will be included in the upcoming F-Secure Policy Manager 14.30 version. Contact F-Secure Customer Service here to obtain the hotfix. Once you have obtained the hotfix, follow these steps to install the hotfix: For Policy Manager Windows: Extract the file somewhere in the server (e.g. Desktop) Exit the Policy Manager Console Launch command prompt as administrator To stop Policy Manager Server services, type the following below and hit enter: net stop fsms Copy and replace the fixed fspms-webapp-1-SNAPSHOT.jar in <Policy Manager Server installation folder>\F-Secure\Management Server 5\lib Start Policy Manager Server services by typing the following below in the elevated command prompt and hit enter: net start fsms For Policy Manager Linux: Stop the F-Secure Policy Manager Server services by executing the following command: # /etc/init.d/fspms stop Copy the fix to the folder /opt/f-secure/fspms/lib Start the F-Secure Policy Manager Server services by the typing the following command below and hit enter: # /etc/init.d/fspms restart Article no: 000013564
View full article
Issue: By default, Linux distributions set a umask of 022. However, if this is modified e.g. to harden the underlying system, it can cause a problem where the Automatic Update Server process (bwserver) fails to start. This is due to the process bwserver not being able to read its own config-file /etc/opt/f-secure/fsaus/conf/server.cfg. This will prevent legacy clients from downloading updates from the Policy Manager Server. Legacy clients include: Email and Server Security version 12.x and older  Server Security 12.x and older Client Security versions older than 13.x. Resolution: The workaround is to manually set the permission for server.cfg after installation and restart the fspms daemon. As root execute the following commands: # chown fspms.fspms /etc/opt/f-secure/fsaus/conf/server.cfg # /etc/init.d/fspms restart Article no: 000018505
View full article
Issue: Policy Manager Server is rejecting Policy Manager Console connections from a remote host.  When trying to connect to Policy Manager Server running on Linux using a Windows machine, the following error is displayed: "Cannot connect to server 172.16.0.6:8080. Check that the host name and port number are correct. Port number 8080 is used by default". Resolution: By default F-Secure Policy Manager Server is set up to only accept connections from localhost. Follow the steps below to allow remote connections and then test the connectivity from the remote Policy Manager Console. If Policy Manager Server is installed on a Windows OS: Stop F-Secure Policy Manager Server services Open registry Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Data Fellows\F-Secure\Management Server 5 Edit the value of [REG_DWORD] RestrictLocalhost to 0 Start F-Secure Policy Manager Server services If Policy Manager Server is installed on a Linux OS:  Stop the Policy Manager Server daemon (/etc/init.d/fspms stop) Open the file /etc/opt/f-secure/fspms/fspms.conf Check the line adminExtensionLocalhostRestricted value and make sure the value is set to false Save the file and restart the Policy Manager Server daemon (/etc/init.d/fspms restart) Once Policy Manager Server service has restarted, try to login from the remote Policy Manager Console. Please do check our other F-Secure Community KB article as well. Article no: 000001368
View full article
Issue: User get the following error message when trying to log in to Policy Manager Console: Cannot connect to server: authorization failed because the specified user credentials are invalid. Resolution: This error message appears because you are using either a wrong username or password when logging in.  The default username when logging in to Policy Manager Console is Admin. The password for the Admin account was set at installation, and if you do not know the correct password for the Admin account, you can reset it by following these steps: Stop F-Secure Policy Manager Server service  Open command line prompt as administrator Run the reset-admin-account.bat from this location: C:\Program Files (x86)\F-Secure\Management Server 5\bin\ Enter your new password Start F-Secure Policy Manager Server service Try to log in to Policy Manager Console To change the password for any other Policy Manager Console user account, use the following instructions: Log in to Policy Manager Console by using the Admin account (If needed, reset the password for the set Admin account by using the above instructions) To use the setting, in Policy Manager Console select Tools > Users To change the password, delete the existing user account Recreate the account. This option allows you to configure a new password for the set account Article no: 000009319
View full article
Issue: I have forgotten my login password to F-Secure Policy Manager Console, how do I reset the admin password? Resolution: If you have lost the password for the admin user, or if the account was accidentally deleted, you can reset the admin account for Policy Manager on Windows by following the steps below: Stop F-Secure Policy Manager Server service  Open command line prompt as administrator Run the reset-admin-account.bat from this location: C:\Program Files (x86)\F-Secure\Management Server 5\bin\ Enter your new password Start F-Secure Policy Manager Server service Try to log in to Policy Manager Console For Policy Manager on Linux, use the following script to reset the user account: /opt/f-secure/fspms/bin/fspms-reset-admin-account If you are still not able to login to Policy Manager Console, make sure the account used in the login windows is admin (and not administrator). Article no: 000002657
View full article
If you want to exclude files or folders from being scanned by Real-Time scanning, follow these steps:
View full article
Issue: What are the default ports used by Policy Manager Server and Policy Manager Proxy? This article lists the network ports that F-Secure Policy Manager Server and F-Secure Policy Manager Proxy uses. If you use any port filtering devices or software, verify that the required ports are available. Port filtering devices and software include firewalls, routers, proxy servers or IPsec.   Resolution: Default TCP-Ports: F-Secure Policy Manager:  8080 Default https-port used for Admin module used for communication with Policy Manager Console. 8081 Default https-port for F-Secure Policy Manager Web Reporting, the graphical reporting system included in Policy Manager Server. 443 Default https-port used for the host module used for communication with the hosts, excluding client database-updates. 80 Default http-port used for the host module used for communication with the hosts (legacy F-Secure clients). All F-Secure clients by default download database updates using this port. Default TCP-Ports: F-Secure Policy Manager Proxy: 443 Default https-port used for the host module used for communication with the hosts, excluding client database-updates. 80 Default http-port used for the host module used for communication with the hosts (legacy F-Secure clients). All F-Secure clients by default download database updates using this port. Note: F-Secure Web Reporting might not be enabled in your configuration. The Policy Manager Server admin module is not by default exposed to other network interfaces than localhost. Software Updater (SWUP) updates are downloaded on port 80.   Article no: 000018194
View full article
Issue: How does the firewall automatic selection in Policy Manager work? How to set up the automatic selection profile? Resolution: To set the firewall automatic selection profile changes to work, create the auto select rule based on conditions such as gateway IP, DNS, etc. As an example, when the Windows Firewall profile is changed to different networks (public, private, domain), there is network change happening too. This can be used as the condition for firewall automatic selection rule to trigger. When a host is connected to Domain network, it will use default firewall profile "Office, file and printer sharing". When a host is connected to Public network and assign to DHCP IP address, it will switch to firewall profile "Server". When a host is connected to Private network that communicate to gateway IP (Example: 192.168.1.103), it will switch to firewall profile "My test firewall profile". Note: The firewall automatic selection is based on rules priority. The rule consists of two conditions: Method1/Argument1 and Method2/Argument2.  When both conditions are met, the profile specified in the rule is selected. The rules are evaluated whenever changes in the network interfaces are detected, and the rule with the highest priority is applied in case there are more than one matching rule.  If none of the rules match, the profile will remain unchanged. Therefore a fallback rule, with both methods set to Always, is usually put at the bottom of the rule set. Supported methods and arguments: Never: Never true (argument ignored) Always: Always true (argument ignored) DNS Server IP Address: IP address given as the argument matches with a DNS server DHCP Server IP Address: IP address given as the argument matches with a DHCP server Default Gateway IP Address: IP address given as the argument matches with the default gateway My Network: IP address given as the argument falls within the LAN subnet of the host Dialup: A dial-up connection is open (argument ignored) In IP address arguments, the asterisk (*) may be used as a wildcard, but only in place of whole pieces of the address. For instance 172.16.*.*, but not 172.16.*10.* or 172.16.*. Example: Method1 = Default Gateway IP Address Argument1 = 123.12.0.1 Note: The Argument value is irrelevant for Always, Never and Dialup methods. How to configure My Network rule in Policy Manager autoselect: https://community.f-secure.com/t5/Business-Suite/How-to-configure-MyNetwork-rule/ta-p/20670 Article no: 000013127
View full article
Issue: How can we configure a scheduled manual scan to only alert on detections (report only)? Resolution: This is currently not supported, but we are planning to improve this in upcoming versions of both Client Security 14.20 and Server Security 14.10. Both versions are expected to be released during the first half of 2020. Article no: 000017966
View full article
Issue: When starting a Scan for updates operation through the advanced settings view for Software Updater, the status gets stuck as "in progress" permanently. Resolution: How to remove that scanning task using H2 console: First you need to enable H2 console: Close F-Secure Policy Manager Console if it is open. Next steps must be done on a server where Policy Manager Server is installed Stop F-Secure Policy Manager Server service. Open Registry Editor (regedit). Go to HKLM>SOFTWARE>Wow6432Node>Data Fellows\F-Secure\Management Server 5\ Edit "additional_java_args" Add parameter (NOTE: Parameter is case sensitive):   -Dh2ConsoleEnabled=true  Close registry editor and start F-Secure Policy Manager Server service. Now open the H2 Console: Open Internet Explorer/Firefox/Chrome Go to https://<PolicyManagerServerIP>:<AdminPort> Eg. https://localhost:8080 **localhost can be used, if you are running this from the PM Server itself. And then Execute the following SQL statement: DELETE FROM operations WHERE type_oid_id IN (SELECT id FROM oid_dictionary WHERE oid='1.3.6.1.4.1.2213.59.3.10.1'); It will clean all other relevant entries automatically. Close the H2 console and restart the Policy Manager Console. Article no: 000017341
View full article
Issue: User wants to exclude a specific software update from F-Secure Software Updater automatic installation. Resolution: You can create a rule to exclude a certain software update from Software Updater automatic installation in Policy Manager Console by following these steps: Log in to Policy Manager Console  Select the host or domain from the Domain tree  Select the Settings tab Go to the Software Updater page Click Add from the right side of Exclude software from automatic installation table Enter software name and/or bulletin ID  Distribute policy to the hosts  Now the selected domain or hosts will have an exclusion for the software updates you have created a rule for.  Article no: 000002779
View full article
Issue: I would like to register my F-Secure Policy Manager Server which is not connected to a network (offline), how do I proceed? Resolution: Contact F-Secure support by opening a support request (https://www.f-secure.com/en/web/business_global/support/support-request) Provide the following information for F-Secure technical support to create an offline registration file: Account Name Customer ID Installation ID  Business Suite license Expiry date How to obtain Customer and Installation ID: Open F-Secure Policy Manager console, and go to Help menu > Registration dialog, or; Find the information from the Policy Manager Server installation folder, ...\F-Secure\Management Server 5\Data (Windows) or /var/opt/f-secure/fspms/data (Linux), open the file called upstream-statistics.json using notepad. Customer ID is on line 5 and Installation ID is on line 6. Once support has provided you with an offline registration file, use the following steps to activate it on your Policy Manager Server Windows: Copy the offline registration file to the folder F-Secure\Management Server 5\data Restart the F-Secure Policy Manager Server services by typing the following command in an elevated command prompt (CMD):   net stop fsms   net start fsms Linux: Copy the offline registration file to the folder /var/opt/f-secure/fspms/data  Restart the fspms daemon:  # /etc/init.d/fspms restart F-Secure Policy Manager will be activated until the expiry of your current subscription. After renewing the subscription you need to request a new registration token from support. Make sure to do this some time in advance so that you don't end up with an expired Policy Manager Server. Article no: 000001107
View full article
Issue:  I distributed an invalid policy to multiple hosts using Policy Manager Console. How can I troubleshoot this or identify what settings was changed and to which hosts it was distributed? Resolution: To locate this information, you can use available logfiles from the server running Policy Manager. fspms-domain-tree-audit.log Below is an example of this this logfile: 10.10.2019 13:21:59,139 INFO [audit.domainTree] - User 'admin' deleted host with identity 79fee1c5-e85b-4a90-b462-09354abb56fd (id=3) 10.10.2019 13:22:06,519 INFO [audit.domainTree] - User 'admin' moved host with identity b8a4bb94-2a9a-4830-b45b-8e45a531279c (id=36) to domain CS 14 hosts (id=4) 22.10.2019 14:14:12,929 INFO [audit.domainTree] - User 'admin' deleted host with identity f4ef246e-61c2-4ac1-949b-f0d3d3be4aa3 (id=35) 28.10.2019 10:54:20,208 INFO [audit.domainTree] - User 'admin' added domain test domain (id=39) to domain Root (id=1) This logfile allows us to understand host- and domain.operations (including the root-domain). Operations include the following: add, remove, rename, move. In our example, the last line, the user ADMIN added a new sub-domain "test domain" with id=39. Another file we are interested in called: fspms-policy-audit.log Below is an example of this this logfile: 23.10.2019 12:22:02,929 INFO [audit.policy] - type="lockedOnClient", domainId="36", OID="1.3.6.1.4.1.2213.12.1.111.2.100.100.60", oldValue="false", newValue="true" 23.10.2019 12:22:02,929 INFO [audit.policy] - type="lockedOnClient", domainId="36", OID="1.3.6.1.4.1.2213.12.1.111.2.100.100.61", oldValue="false", newValue="true" 23.10.2019 12:22:52,528 INFO [audit.policy] - User="admin" applied the following policy changes: 23.10.2019 12:22:52,528 INFO [audit.policy] - type="setting", domainId="36", OID="1.3.6.1.4.1.2213.12.1.111.2.100.100.61", oldValue="null", newValue="c:\test\printfile_release.exe" 23.10.2019 12:23:19,545 INFO [audit.policy] - User="admin" applied the following policy changes: 23.10.2019 12:23:19,545 INFO [audit.policy] - type="setting", domainId="36", OID="1.3.6.1.4.1.2213.12.1.111.2.100.100.61", oldValue="c:\test\printfile_release.exe", newValue="" 23.10.2019 12:34:32,557 INFO [audit.policy] - User="admin" applied the following policy changes: This logfile provides an audit trail for setting changes meaning (what setting was changed and how). The sub-domain in Policy Manager Console is reflected by DomainId. The actual settings is referred to by the OID:   23.10.2019 12:22:52,528 INFO [audit.policy] - type="setting", domainId="36", OID="1.3.6.1.4.1.2213.12.1.111.2.100.100.61", oldValue="null", newValue="c:\test\printfile_release.exe" How do we find the setting 1.3.6.1.4.1.2213.12.1.111.2.100.100.61 in Policy Manager Console? This is perhaps the trickiest part, because we do not have a list of settings available. However, you can find the settings by using Policy Manager. The part of the address that identifies the F-Secure company in the OID is 1.3.6.1.4.1.2213. The latter part identifies the application and the specific setting in the application. Here we have  12.1.111.2.100.100.61 See screenshot capture1.pnn: by selecting "F-Secure Anti-Virus" in Policy Manager Console, you can se that the application is "F-Secure Anti-virus" -> "Object identifier" = 1.3.6.1.4.1.2213.12 When we go further inside the settings in "F-Secure Anti-Virus", we can locate the relevant setting here: - F-Secure Anti-virus    -> Settings     -> Settings for real-time protection        -> Scanning options           -> File scanning               -> Inclusions and exclusions                 -> Excluded processes. To give you an example using syntax we saw in fspms-policy-audit.log: 23.10.2019 12:22:52,528 INFO [audit.policy] - User="admin" applied the following policy changes: 23.10.2019 12:22:52,528 INFO [audit.policy] - type="setting", domainId="39", OID="1.3.6.1.4.1.2213.12.1.111.2.100.100.61", oldValue="null", newValue="c:\test\printfile_release.exe" Based on the information we learned, this entry translates to: Policy Manager Console User=Admin, applied the process exlusion "c:\test\printfile_release.exe" exclusion for domain "test domain" (DomainID was available in fspsm-domain-tree-audit.log) . Article no: 000017432
View full article
Issue: Policy Manager Console is unable to import Client Security for Mac 13.12 jar file. Error "Cannot import 'fscsmac-13.12-rtm.jar": 'ClassPath' entry in section(s) 'InstallationWizard' and 'UninstallationWizard' does not point to wizard entities" is shown when importing. Resolution: You have to upgrade your F-Secure Policy Manager to version 14.20 before importing Client Security for Mac 13.12 installation package. You can find all the latest installers from our Support and downloads page. For more information refer to the help guide.   Article no: 000017540
View full article
Issue: How can i find out what was the last policy issued to a host in Policy Manager Console? Resolution: Check the screenshot below. This shows the field Policy file timestamp, which reflects when the policy file for this host was created. The same screen also indicates, whether the host has this latest policy in use as the column Policy in use states Latest. However, some of these fields are not visible by default (e.g. Policy in use). To enable or disable them, right-click the column header and left-click to enable or disable different fields. Article no: 000017386
View full article
Issue: I need to enable or disable the Browsing Protection feature on some client, how can I do it centrally using Policy Manager Console? Resolution: Open F-Secure Policy Manager: Settings [Standard view] F-Secure Browsing Protection Uncheck the box to Disable or Enable Browsing Protection After you have chosen your setting, make sure that the padlock is closed, after that you can distribute the policies (Ctrl+D) Note:  F-Secure Browser Protection is an integrated Module within the package, that can be only deactivated via Policy Manager or locally from the Client. If you have disabled Browsing Protection for your Clients, and you want to hide the browser plugin deactivated message in main local UI Please ask customer support to provide you the file  FSCS1410-HF03-signed.jar when you submit a ticket.  This  specific hotfix removes notification about disabled BP from UI, while it is disabled. Distribution details for centrally managed hosts: Log in to F-Secure Policy Manager Console  select the Installation tab  Click Installation packages and select import to import the downloaded hotfix jar file Select appropriate domain or host and press Install Select the hotfix Distribute policies Article no: 000004715
View full article
Issue: Firewall rules made with Policy Manager 14.x are not operational on Client Security 14.x clients. Firewall rules pushed from Policy Manager 14.x to Client Security 14.x clients do not appear in the Windows firewall. Resolution: Check that you have edited the same firewall profile that is in use on the client. This can be done by following these steps: Open F-Secure Policy Manager Console Select the host or domain from the Domain tree Go to the Settings tab Go to the Firewall page Check that Host profile and Profile being edited match If they match, the reason why the rule is not applied on the client is because it is an invalid rule. If the rule has many IP addresses in it, make sure that you have used a comma ( , ) in between each IP range as a value separator. Using a space or semicolon ( ; ) in between the IP ranges will invalidate the rule and it will not be visible in the Windows Firewall.  Article no: 000011310
View full article
Issue: Configured Application Control for Client Security 13.x hosts in Policy Manager 14.x but it does not stop the applications from launching Resolution: F-Secure Client Security 13 version does not support the Application control feature which is the reason why applications are still able to be launched after configuring the feature through F-Secure Policy Manager 14. The Application control feature is supported by F-Secure Client Security version 14 and newer. You will need to upgrade the hosts if you wish to use this feature.  F-Secure Client Security 13 supports the Network Access Control feature which prevents unauthorized applications from gaining network access.   Article no: 000016529
View full article
Issue: After installation, user is unable to launch Policy Manager Console and they receive error: "The item referred by this shortcut cannot be accessed. You may not have the appropriate permissions". Resolution: The setup wizard creates the user group FSPM users. The user who was logged in and ran the installer is automatically added to this group. To allow another user to run Policy Manager Console you must manually add this user to the FSPM users user group. To add users to a group, use the following instructions: Click on the Server Manager icon on the bottom left of the Windows desktop  Select the Tools menu in the upper right, then select Computer Management Expand Local Users and Groups Expand Groups Double-click on the group to which you want to add users Select Add Enter the name of the user you wish to add to the group, then select Check Names You can separate names with a semicolon if you want to add more than one user Press OK when complete, then OK again to finish Article no: 000017207
View full article
Issue: How to disable Advanced Network Protection for Client Security 14 in Policy Manager 14? Resolution: To centrally disable Advanced Network Protection from target hosts in Policy Manager 14, follow these steps: Open F-Secure Policy Manager Choose the target host or domain from the Domain Tree Go to the Settings tab and use Standard View Go to Web traffic scanning section Choose from HTTP Scanning HTTP scanning enabled and set the value as disabled Distribute the new policy with the Distribute policies button Now Advanced Network protection is disabled from the target hosts. Article no: 000008143
View full article
Issue: How to update malware definitions for Policy Manager 13.x/14.x in an isolated network. Resolution: Policy Manager offers two options for updating virus definitions in isolated networks that have no direct connection to the Internet. If your network configuration allows Policy Manager to access internal resources with Internet access, we recommend that you use Policy Manager Proxy as the source for updates. For more details click here. If using Policy Manager Proxy is not an option, you can use a tool provided with Policy Manager to fetch the updates as an archive and copy that to the server where Policy Manager is installed. For more details click here. Article no: 000002697
View full article
Issue: How do I schedule reports on Policy Manager 14.x? Resolution: You can configure Web Reporting to send regular reports by email to one or more recipients. To send the reports by email, you need to enter the mail server details in Policy Manager Console. To do this: Select Tools > Server configuration and click the Mail tab. Enter the mail server address and authentication information. Enter the address that you want to display as the sender in the report emails. This does not have to be a valid email address. Click OK. To configure the report scheduling: Note: You cannot schedule reports for individual hosts, only for domains. You can use the root domain if you want the reports to cover all configured domains. Use semi-colons to separate multiple addresses. If you choose to send the reports on a monthly basis, the reports for each month are automatically sent on the first day of the following month. On the Web Reporting main page, select Scheduled reporting. On the policy domain tree, select the domain that you want to use for the reports. Note: You cannot schedule reports for individual hosts, only for domains. You can use the root domain if you want the reports to cover all configured domains. In the Recipient emails field, enter the email addresses that should receive the reports. Choose whether to send the reports daily, weekly or monthly. If you want to send the reports on a weekly basis, select the weekday. If you choose to send the reports on a monthly basis, the reports for each month are automatically sent on the first day of the following month. Select which reports you want to send. The listed recipients will receive the selected reports in HTML format according to your settings. If you want to check that the report emails are delivered correctly, click Send reports now.   For more information: https://help.f-secure.com/product.html#business/policy-manager/latest/en/task_4644F99989CB41A4BD5BBC5FE87919A2-latest-en Article no: 000003775
View full article
Issue: The symptoms include clients are unable to download updates from the Policy Manager Server clients are unable to upload status information to the Policy Manager Server and will eventually show up in Policy Manager Console as disconnected hosts However, clients might still be able to download updates because in the default configuration, fallback to F-Secure update servers is allowed. A couple of logfiles on the endpoont help to establish, if the client is having a connection problem due to the firewall blocking access on the server. Examples are for Client Security 14 but also apply for Server Security 14 and later. Policy Manager Server here is pms.acme.com listening on default ports 80 and 443. C:\ProgramData\F-Secure\Log\AUA\Aua.log 2019-10-02 12:07:25.311 [15d4.1d50]  I: Connecting to pms.acme.com:80/guts22019-10-02 12:07:46.349 [15d4.1d50]  I: Update check failed, error=110 (connection timed out) Same is also visible in this logfile: 2019-10-02 12:17:37.502 [15d4.1d68]  I: UpdatablePmCertVerifier::RenewCertificates: Renewing certificates from pms.acme.com:443 with HTTP proxy ''2019-10-02 12:17:58.535 [15d4.1d68] *E: UpdatablePmCertVerifier::RenewCertificates: Failed to download certificate bodies (FsHttpRequest::Error_Timeout, AsyncSendRequest failed: 12002)2019-10-02 12:18:07.536 [15d4.1d68]  I: UpdatablePmCertVerifier::RenewCertificates: Renewing certificates from pms.acme.com:443 with HTTP proxy '' Error 12002 translates to  12002 ERROR_INTERNET_TIMEOUT The request has timed out. Resolution: Server Security 14 uses the Windows Firewall. It is likely that the ports that the HTTP and HTTPS services are using are blocked in the firewall on the server where Policy Manager Server is installed in. This would cause the clients to be unable to be in contact with the Policy Manager Server.   To resolve the issue, create a firewall rule allowing inbound HTTP and HTTPS traffic to the server where Policy Manager Server is installed.  You can find instructions how to create firewall rules in Policy Manager 14 in this guide. Things to consider: Make sure, the firewall rule is enabled. This is the first checkbox in the Firewall rules table. Make sure, the Server profile containing the rule is assigned as the "Server host profile". In the example below, the profile is called Server (cloned). The other rules in the profiles in this screenshot are also activated but this is is not needed to meet client Policy Manager Server communication requirements. As this particular rule is only required for the server host running Policy Manager Server, we have selected the server before making the change (the server called here DC1-PETERF)   Article no: 000016843
View full article
This article describes the use of the database recovery tool available since PM version 12.10.
View full article
This article describes the use of the database recovery tool available since PM version 12.10. If you are running the Policy Manager version 12.00 or...
View full article
When you cannot use a connection to an intermediate proxy due to security policies, you can update the malware definitions using the tool provided...
View full article
Policy Manager Console prompts an error message: "Cannot connect to the server: localhost:8080. Check that the host name and port number are correct....
View full article
This article describes how you can reset both F-Secure Automatic Update Agent (AUA) and F-Secure Automatic Update Server (AUS) database repositories...
View full article
F-Secure Policy Manager supports some advanced configuration using Java system properties. This article describes how you can specify the Java system...
View full article
This article describes how you can move Policy Manager Server (PMS) to a new server.
View full article
To register your F-Secure Policy Manager in an isolated or offline environment, you need to get an offline registration file (or token) from F-Secure...
View full article
The product uses Windows Firewall to protect your computer.
View full article
The following steps describe Policy Manager Proxy node installation for both Windows and Linux.
View full article
F-Secure has released a new generation engine for one of our core scanning engines, which, at F-Secure, we call Capricorn. The engine change brings...
View full article
To be able to combat the more adaptive and targeted attackers of the future even better, F-Secure has made a significant engine update.
View full article
This article describes how you can configure the MyNetwork rule in F-Secure Policy Manager.
View full article
There are several ways to get the Hardware ID for a device for the Device Control rules; Using Device Control statistics or Windows Device Manager.
View full article
If double-byte characters are used in the server addresses, the communication with the server will not function properly.
View full article
When deploying cloned virtual machines from a template, Policy Manager identifies them as identical machines even when each machine is configured to...
View full article
To maintain a high protection level, you may notice an increase in bandwidth due to the increased number of updates released per day. Policy Manager...
View full article
F-Secure Software Updater scans computers for missing software updates, and keeps Windows and third-party applications up to date and patched from...
View full article
Next-gen proxy is a role of Policy Manager Server, in which it proxies certain requests to Master Server while serving BackWeb and software updates...
View full article
F-Secure Policy Manager for Windows 14.00 was released on November 14, 2018.
View full article
F-Secure Policy Manager for Linux 14.00 was released on November 14, 2018.
View full article