Business Suite

Sort by:
Issue: Security Cloud Client is not connected on Server Security 14 / Client Security 14. Resolution: Make sure that the affected F-Secure host is allowed to connect to the URL orsp.f-secure.com. If this host requires a connection via HTTP proxy to access this URL, you have to configure these settings via the F-Secure Policy Manager Console: Log on to your F-Secure Policy Manager Console. Select the Policy domain   or Host   /   where you want to edit the policy on. Switch to the Advanced view. Go to F-Secure Security Cloud Client > Settings > HTTP Proxy. Modify the value to suit your HTTP proxy requirements: 'http://server:port', e.g. 'http://my.domain.com:1234' Distribute the policy  . Note: If there is no parameter set under F-Secure Security Cloud Client > Settings > HTTP Proxy, the F-Secure Security Cloud Client will use the proxy configuration from the F-Secure Automatic Update Agent (AUA) by default: F-Secure Automatic Update Agent > Settings > Communications > HTTP settings > Use HTTP proxy NOTE: Server Security 14.00 and Client Security 14.x do not officially support proxy authentication. Article no: 000014893
View full article
Issue: How to update malware definitions for Policy Manager 13.x/14.x in an isolated network. Resolution: Policy Manager offers two options for updating virus definitions in isolated networks that have no direct connection to the Internet. If your network configuration allows Policy Manager to access internal resources with Internet access, we recommend that you use Policy Manager Proxy as the source for updates. For more details click here. If using Policy Manager Proxy is not an option, you can use a tool provided with Policy Manager to fetch the updates as an archive and copy that to the server where Policy Manager is installed. For more details click here. Article no: 000002697
View full article
Issue: When using image files to distribute product installations, how can I reset the host UID for Policy Manager Proxy to prevent duplicate hosts appearing in Policy Manager? Resolution: If you use image files to distribute product installations, you need to make sure that there are no unique ID conflicts. For Policy Manager Proxy this can be prevented by following the steps below: Stop F-Secure Policy Manager Server service:  Linux: [/etc/init.d/fspms stop] Windows: [net stop fsms] Remove following two files: Linux: /var/opt/f-secure/fspms/data/h2db/fspms.h2.db /var/opt/f-secure/fspms/data/fspms.jks Windows: <F-Secure Installation Folder>\Management Server 5\data\h2db\fspms.h2.db <F-Secure Installation Folder>\Management Server 5\data\fspms.jks Use fspmp-enroll-tls-certificate script to generate proxy node certificate. Run the script and authenticate yourself as root administrator of the Master Policy Manager: Linux: /opt/f-secure/fspms/bin/fspmp-enroll-tls-certificate Windows: <F-Secure Installation Folder>/Management Server 5/bin/fspmp-enroll-tls-certificate.bat Start F-Secure Policy Manager Server service: Linux: [/etc/init.d/fspms start] Windows: [net start fsms]   Article no: 000016987
View full article
Issue: How do I schedule reports on Policy Manager 14.x? Resolution: You can configure Web Reporting to send regular reports by email to one or more recipients. To send the reports by email, you need to enter the mail server details in Policy Manager Console. To do this: Select Tools > Server configuration and click the Mail tab. Enter the mail server address and authentication information. Enter the address that you want to display as the sender in the report emails. This does not have to be a valid email address. Click OK. To configure the report scheduling: Note: You cannot schedule reports for individual hosts, only for domains. You can use the root domain if you want the reports to cover all configured domains. Use semi-colons to separate multiple addresses. If you choose to send the reports on a monthly basis, the reports for each month are automatically sent on the first day of the following month. On the Web Reporting main page, select Scheduled reporting. On the policy domain tree, select the domain that you want to use for the reports. Note: You cannot schedule reports for individual hosts, only for domains. You can use the root domain if you want the reports to cover all configured domains. In the Recipient emails field, enter the email addresses that should receive the reports. Choose whether to send the reports daily, weekly or monthly. If you want to send the reports on a weekly basis, select the weekday. If you choose to send the reports on a monthly basis, the reports for each month are automatically sent on the first day of the following month. Select which reports you want to send. The listed recipients will receive the selected reports in HTML format according to your settings. If you want to check that the report emails are delivered correctly, click Send reports now.   For more information: https://help.f-secure.com/product.html#business/policy-manager/latest/en/task_4644F99989CB41A4BD5BBC5FE87919A2-latest-en Article no: 000003775
View full article
Issue: How does the firewall automatic selection in Policy Manager function? What mechanism should I set up the automatic selection profile? Resolution: To set the firewall automatic selection profile changes to work, create the autoselect rule based on conditions such as gateway IP, DNS, etc. As an example, when the Windows Firewall profile is changed to different networks (public, private, domain), there is network change happening too. This can be used as the condition for firewall automatic selection rule to trigger. When a host is connected to Domain network, it will use default firewall profile "Office, file and printer sharing". When a host is connected to Public network and assign to DHCP IP address, it will switch to firewall profile "Server". When a host is connected to Private network that communicate to gateway IP (Example: 192.168.1.103), it will switch to firewall profile "My test firewall profile". Note that the firewall automatic selection is based on rules priority. The rule consists of two conditions: Method1/Argument1 and Method2/Argument2.  When both conditions are met, the profile specified in the rule is selected. The rules are evaluated whenever changes in the network interfaces are detected, and the rule with the highest priority is applied in case there are more than one matching rule.  If none of the rules match, the profile will remain unchanged. Therefore a fallback rule, with both methods set to Always, is usually put at the bottom of the rule set. Supported methods and arguments: Never: Never true (argument ignored) Always: Always true (argument ignored) DNS Server IP Address: IP address given as the argument matches with a DNS server DHCP Server IP Address: IP address given as the argument matches with a DHCP server Default Gateway IP Address: IP address given as the argument matches with the default gateway My Network: IP address given as the argument falls within the LAN subnet of the host Dialup: A dial-up connection is open (argument ignored) In IP address arguments, the asterisk (*) may be used as a wildcard, but only in place of whole pieces of the address. For instance 172.16.*.*, but not 172.16.*10.* or 172.16.*. Example: Method1 = Default Gateway IP Address Argument1 = 123.12.0.1 Note: The Argument value is irrelevant for Always, Never and Dialup methods. Article no: 000013127
View full article
Issue: After updating to Server Security Premium 14.00, a group of Servers are not getting Virus Definitions After upgrading to Client Security 14.10, Clients are not getting updates from Policy Manager Server Resolution: You can apply the hotfix FSCS1410-HF07 to resolve the problem. If the problem persists, make you are experiencing the same problem, by opening the following logs from affected Client and investigate them. Logs are usually located in the following path: C:\ProgramData\F-Secure  Open the C:\ProgramData\F-Secure\Log\AUA.log and scroll down to the latest event to see if you have a similar error: 2019-09-23 15:17:09.502 [0e50.1388] I: Connecting to updateserver:80/guts2 (proxy proxy.demo.com:8888) 2019-09-23 15:17:09.517 [0e50.1388] I: Update check failed, error=115 (operation in progress) Open the C:\ProgramData\F-Secure\Log\CCF\Guts2Plugin.log  and scroll down to the latest event to see if you have a similar error: 2019-10-01 09:54:30.351 [1284.1258] I: Guts2Client::UpdateCurrentProxyForRootServer: Save successful proxy 'proxy.demo.com:8888' 2019-10-01 09:54:30.352 [1284.1258] I: Guts2Client::CheckForUpdatesFromServer: Check from server 'fsms:80/guts2' 2019-10-01 09:54:30.365 [1284.1258] I: Guts2Client::RefreshAvailablePackages: Trying with proxy 'proxy.demo.com:8888' 2019-10-01 09:54:30.581 [1284.1258] I: [fslib] server returned HTTP status code 503 (try again later) 2019-10-01 09:54:30.581 [1284.1258] *E: [fslib] unable to fetch update information from the server, error 115 (operation in progress) 2019-10-01 09:54:30.581 [1284.1258] I: Guts2Client::RefreshAvailablePackagesProxyConfigured: Failed to refresh available packages, error=115 2019-10-01 09:54:30.581 [1284.1258] *E: Guts2Client::CheckForUpdatesFromServer: Failed to refresh available updates list 2019-10-01 09:54:30.587 [1284.1258] I: CCFGuts2Plugin::ScheduleCheck: Scheduling next check in 156 seconds As you can see, proxy.demo.com:8888' can answer 503 without forwarding a request to the Policy Manager Server/guts2 server. In this case, you could troubleshoot the HTTP-Proxy by checking the following: Retry the URL from the address bar again by clicking the reload/refresh button, or pressing F5 or Ctrl+R. Restart your router and/or your device, especially if you're seeing the "Service Unavailable - DNS Failure" error. As an option, you could disable the HTTP proxy for AUA, to see if the connection issue is caused by AUA. You can do this from the Policy Manager Console: 3.1  Under the F-Secure Automatic Updates Agent > HTTP  Settings > Use HTTP Proxy and set it to No. Deploy the policy.  If the changes you made now worked, make sure to enable your HTTP-Proxy to updateserver:80 (:443) Note:  When upgrading from Client Security 13.xx series: GUTS2 updates were already available, so the behavior didn't change  When upgrading from  Client Security 12.10-12.3x: Everything in the Client Security > Policy Manager communication was changed. If you are upgrading from 12.00 or older - also the protocol was changed from HTTP to HTTPS (but guts2 are still downloaded via HTTP). In the event that a proxy is/must be used ensure that no filtering for port 443 is enabled. Client Security 13.x already used GUTS2, where 503 was the "good answer", which means they would come back later, and that didn't cause fallback to the Internet.   Article no: 000015249
View full article
This article describes the use of the database recovery tool available since PM version 12.10.
View full article
If your network setup does not allow Policy Manager to connect to the Internet, but allows connections to internal resources that can access the...
View full article
When you cannot use a connection to an intermediate proxy due to security policies, you can update the malware definitions using the tool provided...
View full article
This article describes how to upgrade from F-Secure Policy Manager 12 to version 13.
View full article
Policy Manager Console prompts an error message: "Cannot connect to the server: localhost:8080. Check that the host name and port number are correct....
View full article
F-Secure Policy Manager supports some advanced configuration using Java system properties. This article describes how you can specify the Java system...
View full article
This article describes how you can move Policy Manager Server (PMS) to a new server.
View full article
To register your F-Secure Policy Manager in an isolated or offline environment, you need to get an offline registration file (or token) from F-Secure...
View full article
The product uses Windows Firewall to protect your computer.
View full article
Your computer is protected with predefined firewall settings. Usually, you do not have to change them. However, you may have to change the settings,...
View full article
This article describes how you can set up the F-Secure firewall for Windows 7 DirectAccess from Policy Manager Console (PMC).
View full article
The default update server address uses a global dynamic content delivery network unsuitable for setting up an IP address based access control policy....
View full article
This article describes the steps on how to perform a Scanning and Reputation Server upgrade from an older version to a latest version.
View full article
When faced with large Downadup potential, it may be useful to disable autorun or USB sticks completely. This article refers extensively to two...
View full article
If you have installed Client Security on hosts that do not have a network connection, you can update the malware definitions using the tool provided...
View full article
This article describes how you can allow file sharing with F-Secure firewall turned on.
View full article
The following steps describe Policy Manager Proxy node installation for both Windows and Linux.
View full article
F-Secure has released a new generation engine for one of our core scanning engines, which, at F-Secure, we call Capricorn. The engine change brings...
View full article
To be able to combat the more adaptive and targeted attackers of the future even better, F-Secure has made a significant engine update.
View full article
This article describes how you can configure the MyNetwork rule in F-Secure Policy Manager.
View full article
This article explains how you can collect an MBR rootkit sample for F-Secure Labs to analyse.
View full article
There are several ways to get the Hardware ID for a device for the Device Control rules; Using Device Control statistics or Windows Device Manager.
View full article
If double-byte characters are used in the server addresses, the communication with the server will not function properly.
View full article
The user receives the below error on a regular basis on his Microsoft Exchange 2007 Server with SP1. The user has F-Secure Anti-Virus for Microsoft...
View full article
In all of the supported F-Secure Anti-Virus for Microsoft Exchange versions, the SA account is used during installation. This article explains why...
View full article
You are not able to access F-Secure Web Console. Instead, the following error message is displayed: https://127.0.0.1:25023/common/main.php: The page...
View full article
You have installed and configured F-Secure Anti-Virus for MS Exchange. E-mail scanning is working well since it is blocking e-mails, quarantining them...
View full article
The Foxit Reader installed is a Consumer version, not the Enterprise version. Software Updater only detects the Enterprise version.
View full article
Even though Java Development Kit (JDK) is listed as a product supported by SWUP, we want to emphasize that SWUP does not patch JRE (32-bit and 64-bit)...
View full article
It might occasionally happen that the quarantine database is not available, e.g. due to a network problem or it may have run out of space. It is...
View full article
You notice that the amount of spam messages remains the same even though it should grow steadily. This indicates a problem in the Network...
View full article
When administrators make changes to the match list content at the below locations in F-Secure Web Console, they are not prompted to save the changes....
View full article
After initialing a manual scan, the server/system experiences noticeable degradation in performance causing the server/system to hang.
View full article
This article describes an issue in F-Secure Anti-Virus for Microsoft Exchange where database cannot be accessed.
View full article
The F-Secure Anti-Virus for Windows Servers Web Console access is, by default, restricted to the local host only. You need to modify the webui.cnf...
View full article
If your corporate network is behind a proxy or a firewall that has strict deny rules, Software Updater may be unable to download patches from some...
View full article
Some updates, for example Notepad++, WinZip, and 7-Zip, are released unsigned. Software Updater does not automatically install unsigned updates and...
View full article
The firewall drops some frames during network communication, preventing proper operation of third-party applications.
View full article
After having installed the F-Secure product on several workstations in the network, you notice that the Windows login is taking longer than usual,...
View full article
When deploying cloned virtual machines from a template, Policy Manager identifies them as identical machines even when each machine is configured to...
View full article
To maintain a high protection level, you may notice an increase in bandwidth due to the increased number of updates released per day. Policy Manager...
View full article
F-Secure Software Updater scans computers for missing software updates, and keeps Windows and third-party applications up to date and patched from...
View full article
Next-gen proxy is a role of Policy Manager Server, in which it proxies certain requests to Master Server while serving BackWeb and software updates...
View full article
F-Secure Policy Manager for Windows 14.00 was released on November 14, 2018.
View full article