This article applies to the following F-Secure products: Computer Protection, Client Security, Email and Server Security, Policy Manager, Server Security, Messaging Security Gateway, PSB Email and Server Security, PSB Server Security, Rapid Detection & Response, Rapid Detection & Response Service.
The global F-Secure content delivery network used by F-Secure uses dynamic addressing and traffic routing. The content delivery network operates on both HTTP and HTTPS protocols. In order to provide a faster response and download time, F-Secure also uses third-party content delivery networks as well as external cloud-based services such as Amazon's cloud.
For customers wishing to control their outbound network traffic, F-Secure recommends the use of a web proxy server and setting up the access control policies using the following hostnames:
Software Updater database
If you are running Protection Service for Business (PSB) or F-Secure Client Security Premium with Software Updater, you need to allow the following list of URL addresses listed in the following third-party KB article to make sure that the Software Updater database is updated properly: Ivanti's URL exception list.
Rapid Detection & Response Service (RDS) and Rapid Detection & Response (RDR)
To guarantee proper transmission between the endpoints and backend, the endpoints need to be able to communicate over HTTP and HTTPS, port 443, with various sub-domains owned by F-Secure (*.f-secure.com and *.fsapi.com). You should also allow connections to the digicert.com domain, as Windows API may need to verify F-Secure services that are signed with a certificate that is issued by Digicert.