I'm currently testing these versions on a Test MS TS server but I've some issues;
1. Is there a way to ensure the DeepGuard service is working properly?
2. Do F-Secure have test URLs which can be used to test the additional components added in this version?
3. The Browsing Protection Ratings aren't appearing in IE when you do a search in Google for example.
I'm wondering if additional ports need opening on our firewalls but I read that it'll use port 80 for traffic and 53 for DNS.
If the ORSP service needs to connect to backend servers, are there any IPs/URLs which you could allow access to in a firewall rule for example? I'd rather be in a position of controlling outbound traffic from our server VLAN, just to be safe!
You can use fstestdomain.com to verify that Browsing Protection and DeepGuard work as expected. The links are self explanatory:
Did you enable 3rd party extensions in IE? By default, Enhanced Security Configuration blocks IE extensions/plug-ins on Windows Server platforms. If Browsing Protection plug-in is disabled, then ratings are not properly shown in search results.
Yes, the ORSP service requires outbound HTTP connections to our backend servers. Please consult this Knowledge Base article (http://www.f-secure.com/en/web/business_global/support/article/kba/2712) for list of IPs that the firewall should allow communication with.
I'll try to answer some of your questions:
1. Check DeepGuard->Monitored programs in WebUI.
2. Type "download free screensavers" in google and you'll find a harmful website
3. Check your IE advanced internet options. Enable "Enable third-party browser extensions" parameter and restart IE.
Yes, the ORSP service needs a connection to backend server. You can find details in Help to Genaral->Privacy page of WebUI.
Our UTM firewall supports the use of hostnames which would be easier because if you decide to add or remove backend servers, we could be left with servers having access to unknown hosts or hosts that can't be reached because our firewall rule doesn't allow the traffic!
I assume that for all those IP addresses, you're using some kind of DNS round-robin?
If so, what URL do those IPs resolve to?
That'll be the best way for us.
Hello Vad, Dmitriy.
I've created a full http outbound rule for that test TS server through our firewall using port80 as normal but the rating service says it's unavailable! All the links come up as a grey question mark.
Also, after following both your suggestions, none of it seems to be working other than the basic server AV protection - that's DeepGuard, the link scanner and site ratings and note, I can't find any evidence that the ORSP service is even communicating with your FSBWServers. It is running as a service as I've checked that.
Any other suggestions?
To check that ORSP connections work, go to %ProgramFiles%\F-Secure\ORSP Client folder and run orspdiag.exe from the command line. The output has a line about the connection ("Connectivity state"); if it says "Ok", then the connection works. If it says "Connecting" then the connection to the server has been initialized but the crypto session is still uninitialized (i.e. there hasn't been any queries to the server yet). If it says "Timeout", then there's networking congestion.
If you get "Ok" with orspdiag.exe, but don't see Browsing Protection ratings in IE, then the problem might be somewhere else. I'd then suggest to open a support ticket and send us fsdiag report.
When I run that command, I get the following output:
RPC communication error (is ORSP service running?)
Interestingly, I get that error regardless if the service is actually running or in a stopped state!
This problem is turning out to be quite a challenge...
I've been trying to do an FSDiag all morning but it appears to have hung during the process but a file has appeared on the desktop so hopefully that will do as I've had to kill the process with the Task Manager!
This topic has been closed due to inactivity. If you would like to discuss this topic further, please start a new post.
You can reference this topic in your post by adding this link:
Visit the Community
Check our Forums or How-to & FAQs for advice or answers
View User Guides
Refer to our getting started guides and product manuals
Talk to our Support and get answers to your questions