The global F-Secure content delivery network used by F-Secure uses dynamic addressing and traffic routing. The content delivery network operates on both HTTP and HTTPS protocols. In order to provide a faster response and download time, F-Secure also uses third-party content delivery networks as well as external cloud-based services such as Amazon's cloud.
For customers wishing to control their outbound network traffic, F-Secure recommends the use of a web proxy server and setting up the access control policies using the following hostnames:
If you are running Protection Service for Business (PSB) or F-Secure Client Security Premium with Software Updater, you need to allow the following list of URL addresses listed in the following third-party KB article to make sure that the Software Updater database is updated properly: Ivanti's URL exception list.
To guarantee proper transmission between the endpoints and backend, the endpoints need to be able to communicate over HTTP and HTTPS, port 443, with various sub-domains owned by F-Secure (*.f-secure.com and *.fsapi.com). You should also allow connections to the digicert.com domain, as Windows API may need to verify F-Secure services that are signed with a certificate that is issued by Digicert.