1. The new Computer Protection have only 16 categories to block the browsing protection when the usual is that the new versions have more functions. The workstation version have more categories, why?
2. The Application control soulbe renamed because this is more a malware prevention/execution from critical paths. (used by malware and payloads). One Application Control module is used to block/permit the application execution or installation, for example, P2P apps, Remote Control Apps, Games Apps, etc.
3. The computer details should be display more info as Last Loged User, Basic HW Inventory and SW Inventory.
4. The Portal should be permit create Groups for a best computer organization becase today is a large list of computers.
5. PSB don't a have a Central Quarantine.
6. PSB don't permit execute a remote clean up of computer infected.
Linck Tello Flores
It is a good list of additional features and we have all of them in our backlog so they will appear in Computer Protection.
I only don't understand point 6. Can you elaborate what did you mean?
You can schedule remote computer scan operation from portal which will automatically clean infected machine. We always handle infections during scan and don't allow to "ignore" them.
> PSB don't a have a Central Quarantine
Regrettably F-Secure PSB webportal lacks the ability to click on a particular virus alert under the Reports / Infections list and select "submit binary sample to lab".
This missing feature makes it essentially impossible to use PSB WKS 12 and CP18 e.g. in school environments, where I see a LOT of obvious Deepguard false blocking alerts on Delphi and Basic language program code, as written by pupils during courses. Since there are so many schools with so many classroom computers, located all over the country and mostly lacking on-site system administrators, we just can't ask anybody to go there and fetch a sample via physical access. As the program code are one-off, having the Deepguard reported SHA-1 checksum means nothing. Thus, those false alarm incidents cannot be investigated for lack of a binary and never get fixed.
We desperately need remote file sample submit capability, I have been begging F-Secure Corp. for over a year to implement this skill in the PSB webportal, at least for Solution Provider accounts, but nothing happens. (F-Secure is probably afraid of the kind of legal / PR scandal which hit Kaspersky Lab when their auto-submission system downloaded an "under construction" new trojan malware sample from an NSA laptop...)
If we had the long-promised F-Secure PSB integrated remote desktop capability, that would be a passable alternative to collecting file samples manually to fix the DG false alarm problems, but remote access was also never implemented. I feel helpless stuck in this situation.
Yours Sincerely: Tamas Feher, Hungary.
Tamas, I think you will be pleased to hear that this feature is in our backlog. It will be added.
But I don't think it will help with false positives on fresh compiled samples - they are just too fresh. We have a lot of developers at F-Secure and we have the same problem - our own code gets blocked from time to time.
So, we try to improve it and remove false positives from locally built binaries but that's not trivial to do securelly (just because it can allow attacker an easy way into the system).
Thankyou for your comments.
We will be adding remote quarantine support to Computer Protection, later this year. This will allow the admin to manage the quarantine contents from the portal, and we will look into the possibility for the admin to submit samples directly from the quarantine, remotely.
Quarantine does not work with DeepGuard at all, DG6 simply blocks access to the file if it is detected. We will look into possible solutions around this. For the moment, we would recommend the use of exclusions, and have the students generate their files to an excluded location.
Unfortunately, Computer Protection it works bad than Workstation Security 12.... (for me)
I scan several computers with both versions (Computer Protection and Workstation Security 12).
For every computer, Computer Protection version, scanning to full (with full protection settings), find much less number of files on every computer (than Workstation Security) and also, find much less infected files.
So, I will try for few times on another computers, maybe I made something wrong.
If the result is the same, I will reconsider my option for another antivirus program solution. For me, security for my clients, is not just "design", is not just words, is not just "fashion"...
I work with F-secure from year 2000.
So, I want to Thank You for your products and services (even if not always was better)!
P.S. - I'm sorry for my poor english!...
Can you provide us more information on what do you have on those computers that you find on one and don't find on the other? We definitely want to understand how you get to this experience and improve whenever we can.
Our experience has not been the same, as per our understanding the detection capabilities are on par on the two products. Understanding your case would be a valuable opportunity for us to learn on your use case.
... how to start this discussion? ...
First of all I'm sorry for my poor english!...
... I am very disappointed at both the "qualitative" level of the new "business" product - Computer Protection and the way Workstation Security has replaced the new "solution" ...
I just woke up with the new Computer Protection software installed on my computer without giving my approval and permission!
And the same thing happened to my clients.
Some of them did not realize the change, they just remembered that they had to restart their computers (some restarted without the user taking the idea ...).
And other clients even showed dissatisfaction.
In connection with what I have said in the previous message, and according to your requests to come up with more information to support me, I can send you the scan reports I made; I first scanned a computer with Computer Protection, then I scanned the same computer with Workstation Security.
Both programs were set to "full scan", as much as each program allowed me to. (Computer Protection, although it's a "business" option, in the way it limits me to the program settings, it's more like a "home-use" option).
In Computer Protection - "full scan":
- The program lasted from 9:41:02 PM to 11:01:14 PM;
- Items scanned: 777419;
- Harmful items found: 499.
And he did not clean up anything!
In Workstation Security - all "full scan":
- The program lasted from 23:57:54 to 01:20:00;
- Result: 1544 malware found.
• Files: 1361051
• Not scanned: 65
• Viruses: 1534
• Spyware: 0
Suspicious items: 10
• Riskware: 0
• Disinfected: 13
• Renamed: 0
• Deleted: 0
• Quarantined: 0
• Failed: 5
• Scanned: 2
• Infected: 0
• Suspicious items: 0
• Disinfected: 0
Result of comparison:
- Workstation Security is faster than Computer Protection;
- Workstation Security scan more files than Computer Protection;
- Workstation Security dectect more infected files than Computer Protection;
- And Workstation Security has at least disinfected some files, while Computer Protection has not cleaned anything.
It's not just words. It's facts.
- Computer Protection is not a real "business" antivirus program;
- Computer protection is under level of Workstation Security;
- F-secure Company install a program on my computer and change my protection program (with another whorst ...), and other computers too, without warning me and without my permission!
And I and my clients paid for the Workstation Security variant!
For the above, I decline my support for F-Secure products, and I will therefore recommend to my clients and those I interact with to focus on other protective products.
thank you for the more detailed report on what you are experiencing. It would have been really useful if you had run the support tool after these tests and sent us via support the fsdiag file, so we could have analysed this even more thoroughly.
Here is some analysis based on the data we can see from here:
- First of all the manual scan of a computer is not the most imporant protecting for modern viruses and Computer Protection has lot more new capabilities on other area compared to Workstation Security.
- The amount files being scanned is so different just because the set of file extensions we scan is different with default settings.
- Speed difference is just some minutes and I think WKS 12 was actually 2 minutes slower in the 1 hour 40 minutes times. If you would have tested the scan times for second time the time for CP should drop a lot, as the first scan caches lot of information on the clean files and optimizes the scan times that way.
- On the cleaup of the infection - based on the numbers from both the WKS12 and CP, it looks like most of the infected files are inside archives and we do not cleaup them. We are still wondering why you could not cleanup anything during the scan. It should not have worked like this.
- About the upgrade without permissing - are you a partner level user or company level users? With partners who do Security as a Service the partner actually decides when to do the upgrades and how to communicate to their customers. We haven't yet started any forced upgrade due to EOL for WKS 12, but those will start during this month.
Again, I'm really sorry for the bad experience with our product. If you could still send the fsdiag support file to our support with the scan results this would help a lot us.
I came back with a supplement:
- the computer that I scanned with F-Secure products, I finally cleaned it with other antivirus programs;
- and at this point my client uses Kaspersky's Endpoint Security solution on that computer...