Howto easily upgrade Client Security 12.31 to 13 on workstations

RC1
Scholar

Re: Howto easily upgrade Client Security 12.31 to 13 on workstations

Agrar's orginal request was:

 

   Howto easily upgrade Client Security 12.31 to 13 on workstations? Can it be done automatically?

 

"Nag the user" means it is not done automatically. 

 

It is unfortunate that the F-Secure product team is not capable to automate the BP extension installation. It is technically possible years ago. Perhaps the team need more training. 

Superuser

Re: Howto easily upgrade Client Security 12.31 to 13 on workstations

I doubt your claim that "it is technically possible", as according to this post the demand for automatic installation is common, but neither documented nor is a reliable way know.

Edit: https://support.mozilla.org/de/questions/1130750


Esp. with FF it is an anoyance to constantly change the plugin to adopt a new way how to integrate a plugin.

Also I feel it is a security/privacy issue if an admin can introduce any plugin without the users knowledge.

If you know a reliable way how to overcome both problems I am sure R&D would be interested. @Vadim

Matthias
----------
perComp is a Platinum Partner of F-Secure since 1994. Any advice or help given by me in this forum is voluntarily and to my best knowledge based on working with the products since 1997. Direct contact for customers please check our homepage http://www.percomp.de

RC1
Scholar

Re: Howto easily upgrade Client Security 12.31 to 13 on workstations

Mozilla explains how to package extension: https://developer.mozilla.org/en-US/Firefox/Enterprise_deployment#Packaging_Extensions AntiVirus clients do realtime and schedule scan of files and folders all the time. Does that mean every time before a scan there should be a pop-up to let users know because of security/privacy issue??
Superuser

Re: Howto easily upgrade Client Security 12.31 to 13 on workstations

And I read there:
"...but this only works for profiles created after the extension is installed. "
and in the additonally referenced link:
" IMPORTANT: If you use this mechanism (which used to work pretty well), your add-ons will be disabled by default. To override this, you’ll need to set the preference extensions.autoDisableScopes to 0 via a config file or by creating a new prefs file in the defaults/preferences directory. Setting this value via distribution.ini will not work. "

So either it only works for newly created profiles or ends up with the add-on beeing disabled by default and you have to disable a Firefox security feature. Neither I like.

Feel free to modify your companies installation package as explained there, but I'd say F-Secure would be badly advised if they lowered Firefox's security settings.

my2ct
M.

Matthias
----------
perComp is a Platinum Partner of F-Secure since 1994. Any advice or help given by me in this forum is voluntarily and to my best knowledge based on working with the products since 1997. Direct contact for customers please check our homepage http://www.percomp.de

RC1
Scholar

Re: Howto easily upgrade Client Security 12.31 to 13 on workstations

Matthias, there is no need for us to take over the F-Secure development team's job here. Subscribers of the Mozilla Enterprise Working Group Mailing List ( https://mail.mozilla.org/listinfo/enterprise ) discuss the automation of extension deployment for years. We already established the fact that the default fsc 13.x installation generates pop-up message to prompt end-users. This means the installation is not "automatic" unfortunately. This does not work for a lot of business or enterprise scenarios. We have hundreds of kiosk computers in a college environment. It does not work for us either. We do not have resources to do the manual clicks on every kiosk machine. We do not have the resources to tape an explanation (not that we like this ugly solution) on every kiosk to let the public know what to do with pop-up messages. What's more unfortunate is that I submitted a ticket to F-Secure Tech Support formally and it was ignored. So the only solution for now is to disable Browsing Extension during the deployment.
Superuser

Re: Howto easily upgrade Client Security 12.31 to 13 on workstations

IMHO it is not R&Ds job to adjust your rollout scenario.
For your environment do not forget, that the plugin does not decide about wether to block or not. The plugin "only" displays the decission to the enduser and gives him/her the ability to override the decission (if the admin allows to override).

Thus, for the time being, I recommend to activate browsing protection and not worry about the plugin. If the user decided to deny usage, the plugin will be disabled in his profile. He can re-enabled it at any time.

Matthias
----------
perComp is a Platinum Partner of F-Secure since 1994. Any advice or help given by me in this forum is voluntarily and to my best knowledge based on working with the products since 1997. Direct contact for customers please check our homepage http://www.percomp.de

RC1
Scholar

Re: Howto easily upgrade Client Security 12.31 to 13 on workstations

If the F-Secure development team has the same kind of thinking, that may explain why Gartner said "the majority of F-Secure clients are sub-500 seats" ( https://www.gartner.com/doc/reprints?id=1-4PGZC8G&ct=180126&st=sb ). 

 

 

In any enterprise environment, no one will deploy a software product that prompts for user interaction. I used to work for a company of 20,000+ seats. It's a big no-no. Any user interactions generate a lot of IT helpdesk tickets.  

 

 

As I mentioned multiple times in this discussion, the orginal question is about fully automatic deployment. It's not about what the end users think or feel.

 

 

Before our license renewal, we need to look for another product as F-Secure's small environment thinking does not work for us.

 

 

RC1
Scholar

Re: Howto easily upgrade Client Security 12.31 to 13 on workstations

 

Pardon me, I made a typo on my last reply. It was " ... the majority of F-Secure clients are sub-5,000 seats" ; not 500.

 

Novice

Re: Howto easily upgrade Client Security 12.31 to 13 on workstations

We too are delaying the upgrade to version 13 due to this. We're a large speciality veterinary hospital in the north of Europe with 150 seats of Client Security, and we made Google Chrome standard. Most of our personnel, like vets and animal carers, share computers. For the most part they are not IT skilled, and when they are in front of a computer they are frequently in a hurry and under life and death duress. We also been pushing the message to users to be careful out there and worry about what and where they click. The moment we deployed Client Security 13.x many would refuse to install it, others ignore it. A few would maybe say yes without blinking, of course. But we would receive dozens of support calls and requests wondering or warning us of the fact. So, as I said, we are now in wait and see mode.