Policy Manager Console runs slow and unable to connect to Policy Manager.
Make sure your Policy Manager and Policy Manager Console are the same version. Otherwise connection will not work. If both are the same version it could be due to having very high number of alerts, or very high volume of scanning reports being kept in Policy Manager Server. This would slow down the console.
You may remove some of the alerts, or scanning reports to improve the performance. If the above mentioned does not help, proceed to do the following:
Stop F-Secure Policy Manager Server service. Backup the H2DB (...\F-Secure\Management Server 5\data\h2db). DO NOT proceed further without having a working H2DB backup in place. Run the database maintenance tool (...\F-Secure\Management Server 5\bin\fspms-db-maintenance-tool.exe) and follow the on-screen instructions to optimize the database. Start F-Secure Policy Manager Server service. Log on to Policy Manager Console.
In case issue remain, you can execute the H2DB recovery tool (...\F-Secure\Management Server 5\bin\fspms-db-recover.bat) in the command prompt window, to repair the H2DB. Note: Do stop F-Secure Policy Manager Server service before running the tool. If necessary, you can refer to the read me file (..\F-Secure\Management Server 5\bin\README-recover-db.txt) on how to execute the H2DB recovery tool. Once you have finish repairing the H2DB using the tool, you can proceed to take the repaired H2DB into used, and start back F-Secure Policy Manager Server service. Try to logon to Policy Manager Console again after this.
Article no: 000010142
... View more
In Policy Manager, F-Secure Linux Security installed as clone image is not listed under the domain tree.
Follow the instructions in the F-Secure Linux Security administrator guide to clear the host UID after deploying Linux clone image. This is explained in page 9 section 2.3, Central Deployment Using Image Files here.
Article no: 000014351
... View more
I get "Page has expired" prompt when trying to login to my My F-secure account. What should I do?
There are 3 things you can try to solve the issue:
Close your browser by clicking on the Cross in the top right corner, and open the browser again. Then enter this web page again: https://my.f-secure.com/login Try to open your browser in private mode, and enter this web page (https://my.f-secure.com/login):
Google Chrome: Click on 3 dots icon in top right corner. Then choose Incognito Mode Microsoft Edge: Click on 3 dots icon in top right corner. Then choose InPrivate Window Mozilla Firefox: Click on 3 lines icon in top right corner. Then choose New Private Windows
Try clearing your browsers cookies and cache (see instructions below), and then enter this web page again (https://my.f-secure.com/login):
How to clear the Google Chrome browser
Launch your Chrome browser. Click the Chrome menu (3 dots icon top-right of the screen). Select Settings. At the bottom of the page, click Advanced. Under the section Reset settings, click Reset settings. Scroll to the bottom and select Reset settings to their original defaults. In the dialog that appears, click Reset. Restart the browser.
How to clear the Firefox browser
Launch your Firefox browser. Click on the Firefox menu (Hamburger icon top right of the screen). Click on the Grey Question Mark at the bottom of the interaction box. Select Troubleshooting Information. Click Refresh Firefox. Restart the browser.
How to clear the Edge browser
Launch your Microsoft Edge browser. Click on the Edge menu (3 dots icon top-right of the screen). Click Settings. Under Clear browsing data, select Choose what to clear. Click on the options you want to clear. For your case make sure your list includes cookies and cache.
How to clear the Internet Explorer browser
Launch your Internet Explorer browser. Open Settings (Gear icon top-right of screen). Select Internet Options > Advanced > Reset. Confirm the reset by clicking Reset again. Restart your browser.
How to clear the Safari browser
Launch your Safari browser. On the top left of the browser click Safari to get the drop down. Click the Reset Safari option. A dialog with a list of options will be displayed. Select the following:
Remove all cookies. Clear history Empty cache
Ensure you check which of the functions have been selected as it can not be reversed once reset. Click the Reset button.
Article no: 000002373
... View more
Freedome asks for renewal even though license is still valid, re-entering license key gives "This key has already been used on this device".
F-Secure FREEDOME may be malfunctioning.
If you get this error on your Mac computer, a removal of the keychain after uninstallation is a possible fix. Follow these steps:
Open Finder. Go to Applications. Move Freedome application to the trash, and empty it. Open Spotlight and remove the following folders: ~/Library/Application Support/F-Secure/ and /Library/Application Support/F-Secure/ Install Freedome using this installation file. Activate your subscription from the Subscription page.
If this happens on your Apple iOS device, re-install Freedome and re-enter the key. Transfer licenses, if necessary.
Article no: 000013228
... View more
Ping detection fails due to switch redirection using RADAR Discovery Scan.
We have added a new feature In F-Secure Radar that helps to resolve this issue. You need to modify your discovering scan template to use it. Follow the steps below to configure the top 100 port scan template without scanning or pinging port 80:
Create a new discovery scan template:
Name the template (eg. "Port Scan (no 80 ping)") For scan mode select Custom port scan TCP range: 7,9,13,21-23,25-26,37,53,79,81,88,106,110-111,113,119,135,139,143-144,179,199,389,427,443-445,465,513-515,543-544,548,554,587,631,646,873,990,993,995,1025-1029,1110,1433,1720,1723,1755,1900,2000-2001,2049,2121,2717,3000,3128,3306,3389,3986,4899,5000,5009,5051,5060,5101,5190,5357,5432,5631,5666,5800,5900,6000-6001,6646,7070,8000,8008-8009,8080-8081,8443,8888,9100,9999-10000,32768,49152-49157 UDP range: 7,9,17,19,49,53,67-69,80,88,111,120,123,135-139,158,161-162,177,427,443,445,497,500,514-515,518,520,593,623,626,631,996-999,1022-1023,1025-1030,1433-1434,1645-1646,1701,1718-1719,1812-1813,1900,2000,2048-2049,2222-2223,3283,3456,3703,4444,4500,5000,5060,5353,5632,9200,10000,17185,20031,30718,31337,32768-32769,32771,32815,33281,49152-49154,49156,49181-49182,49185-49186,49188,49190-49194,49200-49201,65024 Click Save
Download the new template:
Select it on the templates list (click the checkbox) Click Download scan settings Edit downloaded file by adding '-PE -PP -PS443' node within '' (see Top 100 no 80 ping.xml)
Upload modified template:
Click Upload scan settings on Radar templates list Browse for your edited file and click "Upload"
Use your newly created template in Discovery Scans.
Note: If you want to skip port 80 pings on other types of scans, the procedure is similar (add correct <AdditionalNmapOptions> in the config).
Article no: 000012266
... View more
The DeepGuard status of a F-Secure Client Security 14.0x client in Policy Manager in the Overall Protection section, the status is shown as "Unknown".
This is a known issue and an upgrade to F-Secure Client Security version 14.10 or newer fixes the issue. The older Client Security 14 do not have the upload of DeepGuard module version to Policy Manager enabled.
Article no: 000012983
... View more
I am not able to modify firewall settings via PSB portal profile editor, as when I make any change to the settings, the save and publish button gets greyed out and no further changes can be made anywhere in the profile.
There can be different scenarios that could cause the problem. Check the following:
The profile originally belonged to PSB Workstation Security and was automatically migrated over to Computer Protection. The old Workstation Security profiles supported the use of semicolons (;) as a value separator for example for the IP addresses. This is no longer supported for Computer Protection profiles, where it is done with commas (,). If there are remaining old firewall rules still using semicolons, you will not be able to save and publish the profile until these have been modified or removed. The affected rules should be marked with a red line on the left side of the rule so that they can be easily identified. The active firewall profile is set to Automatic selection but no automatic selection rules have been set. You will be able to save and publish the profile until you have either set rules for the automatic selection, or switched to using a single firewall profile. There are duplicate firewall rules (same rule name) in the firewall profile. As it can be both, active and inactive rules causing this, enable the Show inactive rules in order to verify this. The affected rules should be marked with a red line on the left side of the rule so that they can be easily identified.
Article no: 000011689
... View more
How do I create my company account in the F-Secure Protection Service for Business (PSB) portal?
Follow the steps below to create your company account in F-Secure PSB portal: 1. In your F-Secure License certificate that was provided by your F-Secure Re-seller, verify on which F-Secure PSB portal your subscription key belongs to. 2. After verifying the information in Step 1, go to the required F-Secure PSB portal page. E.g:
https://emea.psb.f-secure.com/#/create-company-account https://emea2.psb.f-secure.com/#/create-company-account https://amer.psb.f-secure.com/#/create-company-account https://apac.psb.f-secure.com/#/create-company-account
3. Enter your subscription key and rest of the required information. NOTE:
The User name* is the login name, not your email address. The Account name* should be defined exactly same as the Licensee* name found is F-Secure License certificate.
4. Login to the F-Secure PSB portal once the account is successfully created.
Article no: 000004678
... View more
Firewall rules made with Policy Manager 14.x are not operational on Client Security 14.x clients. Firewall rules pushed from Policy Manager 14.x to Client Security 14.x clients do not appear in the Windows firewall.
Check that you have edited the same firewall profile that is in use on the client. This can be done by following these steps:
Open F-Secure Policy Manager Console Select the host or domain from the Domain tree Go to the Settings tab Go to the Firewall page Check that Host profile and Profile being edited match
If they match, the reason why the rule is not applied on the client is because it is an invalid rule. If the rule has many IP addresses in it, make sure that you have used a comma ( , ) in between each IP range as a value separator. Using a space or semicolon ( ; ) in between the IP ranges will invalidate the rule and it will not be visible in the Windows Firewall.
Article no: 000011310
... View more
Is it possible to schedule monthly reporting in MSG?
No, it's not possible. You can can have reporting scheduled for selected days, so the longest interval is one week.
Article no: 000005286
... View more
Every day at the same time I get an alert from Deepguard that it has blocked Powershell.exe
The most likely scenario is that a piece of malware or potentially unwanted application has created a scheduled task in the Windows task scheduler. This task is ordered to run the Powershell application, which is a part of Windows, with a set of instructions that Deepguard is recognizing as malicious or questionable. Collect an fsdiag-file from the affected computer following these instructions and then contact support with a description of the situation. They will need to analyze the fsdiag-file to suggest further instructions.
Article no: 000005016
... View more
Carbonblack sensor and Server Security causing BSOD during reboot
When both products, Server Security and CarbonBlack sensor, are installed on the same server, BSOD occurs on every reboot. The problem is related to Windows Firewall. Existence of our drivers/services increases the chance of an MS bug to appear. Possibly our services issue some specific network requests, which cause memory corruption in the Windows firewall engine (memory corruption goes very deep into MS code of the firewall). This is an essential bug in the MS engine (possibly even a security vulnerability if such memory corruption could be made on request). This has been already reported to Microsoft. The workaround/solution is to stop MS firewall before reboot or try to relax/change firewall rules on the server. More information about Carbon Black: https://www.carbonblack.com/
Article no: 000016167
... View more
F-Secure PSB Computer Protection shows "Check that your internet connection is working and try again" error after entering subscription key during installation.
If you are connected to the internet and still getting the "Check that your internet connection is working and try again" error message during installation with a subscription key, follow the steps below to rule out other probable causes: Incorrect subscription key:
Check that you are using the correct subscription key during installation Double-check the spelling and verify from either your license certificate or from the Subscriptions page in the PSB portal that you are using a valid license
Insufficient number of available licenses:
Check that there are still available licenses on the subscription key you're trying to use In the PSB portal, go to the Subscriptions page and check the Usage column for the license in question. If there are no more available licenses, you have two options:
Remove old installations that are no longer in use to free up licenses, or; Acquire more licenses by reaching out to your F-Secure reseller partner or F-Secure sales contact
If you would like to remove old installations that are no longer in use to free up licenses, follow the steps below:
Log in to the PSB portal Go to the Devices page Select the device(s) you want to remove, using the checkbox on the left Click Remove device from the options at the bottom of the screen
After removing a device from the PSB Portal, the device will be added to a list of removed computers so that it will not be able to connect to the portal anymore and take a license into use. To be able to reinstall PSB Computer Protection on these devices, you need to clear the list of removed computers:
Login to the PSB Portal Go to the Subscriptions page Open the action menu on the right side of the license Click Clear list of removed computers
Note: If a computer is on the list of removed computers and you try to use the subscription key on that computer, you will get the same "Check that your internet connection is working and try again" error message. You will need to clear the list of removed computers to install the software again on that computer. Installation file has been downloaded from the wrong PSB Portal: The installation files for PSB Computer Protection are PSB Portal specific. Make sure you have downloaded the installation file from the correct portal. You can verify the portal the subscription key belongs to from your license certificate.
Article no: 000008841
... View more
F-Secure program (F-secure SAFE/ Anti-Virus) has detected malicious files or viruses but they were not deleted automatically.
You can open the scanning report and locate the specific files in the following way:
Open F-Secure SAFE Click on Tools Click on Infection report Click on the specific report Open the information from there Find the exact file from finder You can delete the file by moving it to Trash, and then emptying the Trash after that. Be aware, if the mentioned file is an email file - this will remove all your emails if you delete it.
Note: Potentially Unwanted Application detections are common in the Mac OSX environment. F-Secure product only warns about Potentially Unwanted Applications but does not automatically remove them. Regarding the removal, we suggest that you uninstall the application completely from your Mac environment to stop the detection alert. If you want to use the application in your environment, you can exclude those files in the product. Note: You can exclude only process/applications from scanning, not files. You can run the following commands in Terminal to exclude Outlook Application from scanning: sudo -s echo "/Applications/Microsoft Outlook.app/Contents/MacOS/Microsoft Outlook" >> /usr/local/f-secure/fsmac/sysconfig/system_daemons launchctl stop com.f-secure.fsavd Restart your computer after running the commands and monitor the CPU usage of the FSAVD process.
Article no: 000004299
... View more
How to install a Hotfix
There are several types of HOTFIXES. fsfix, jar, and zip.
FSFIX -> This is for Windows clients. This hotfix can be run on each Windows clients. JAR -> This is for Policy Manager deployment. You can deploy hotfix using Policy Manager automatically. ZIP -> This contains both FSFIX and JAR, sometimes only one from those. Users need to extract this file.
Internet Explorer may change the file extension for fsfix/ jar to ".zip" This is due to the security setting. When it happens, please change the file extension back to the original one. [How to install] Fsfix
Download the fsfix fix to target machine. Double click fsfix. Message is shown. Click "Yes" to proceed. Wait until installation finishes. You can see message window when it's finished. Click "OK" to finish installation.
Open policy manager console and select "installation" Click on "Installation package". Click on "Import" and import Jar file. Click on "Close" Select target PC(or domain) and click on "install package". Select package name and click on "OK" Deploy policy to targets.
Sometimes, a reboot is recommended. Please reboot your PC, if needed. This message is shown based on your OS status even if the hotfix does not need an OS reboot.
Article no: 000014849
... View more
If we wish to block access to Web Radio pages, which category should we block in web content control settings?
To block access to web radio pages, block the "Streaming media" category in Web Content Control.
Article no: 000016109
... View more
DeepGuard blocks the application. This was determined to be a high-risk application by system control heuristics. After the file SHA-1 hash and file path is excluded in F-Secure Client Security 13.x/14.x, Deepguard continues to block the application
You can exclude the network drivers from being scanned, by doing the following:
Log in to Policy Manager Console Click on the Settings tab Click on Advanced View Navigate to F-Secure DeepGuard Click Settings Click Excluded applications and enter the exclusion in UNC format, like:'\\servername\share\folder\to\the\app.exe'
If this location is also mapped to a drive letter, then another exclusion must also be added in the mapped format, so for example ' N:\folder\to\the\app.exe'
If the network drive was mapped to N. Both formats are needed, as mapped network drives are user-specific, settings and DeepGuard can't automatically do the user based drive letter mapping. Folder based exclusions on network drives are also supported.
Please refer to the screenshot below when making the exclusions:
7. Distribute the policy Note: If you are using F-Secure Client Security 13.10, kindly upgrade to 13.11 since the latest version has improvements for DeepGuard. Wildcard exclusions are only applicable for Real-time scanning. For Deepguard exclusion, kindly use file or folder path. F-Secure Security Cloud (ORSP) has a higher priority compared to SHA-1 exclusions. Only file or folder path exclusion has higher priority over ORSP. If you are using Policy Manager Version 14.xx. This setting has been replaced by Files and applications excluded from scanning, which applies to version 12.x, 13.x, and 14.x hosts. Your existing trusted applications have been moved to the new setting.
Article no: 000004819
... View more
PSB client does not take the new expiry date into used after subscription key is renewed.
In the scenario whereby PSB subscription is renewed when a subscription is valid still, there is a delay of up to 8 hours for the PSB client to take the new expiry date into use after renewal is done. In the scenario whereby the PSB subscription is renewed after the subscription is expired, the PSB client will take the new expiry date into use immediately. You do not need to re-enter the subscription key on the PSB client in case the subscription key remain unchanged.
Article no: 000007397
... View more
I would like to know the description for each of the services used in F-Secure product. What does each service do?
Below you can find the functionality and purpose of each F-Secure service:
F-Secure Hoster: Product business logic, including product updates, telemetry, settings & configurations with SYSTEM privileges. F-Secure Hoster (Restricted): Product business logic, including product updates, telemetry, settings & configurations with NETWORK SERVICE privileges. F-Secure Ultralight Hoster: Anti-malware scanning logic, including real-time scanning, Online Safety, DeepGuard, DataGuard and Application Control with SYSTEM privileges. F-Secure Ultralight Network Hoster: Anti-malware scanning logic, including real-time scanning, Online Safety, DeepGuard, DataGuard and Application Control with NETWORK SERVICE privileges. F-Secure Ultralight ORSP client: Real-time protection network query service (NETWORK SERVICE). F-Secure Ultralight Protected Hoster: Scanning integration to Windows Security Center, runs as protected process (protected by Windows). F-Secure Device Control: F-Secure Device Control Daemon service, provides a possibility to block/restrict access to local devices.
Article no: 000016071
... View more
Can the Computer Protection profile be used to force the firewall on if the end user has turned it off?
The on/off state of the Windows Firewall can be fully controlled from the PSB portal settings profiles. To modify the state of the firewall, do as follows:
Log in to the PSB Management Portal Go to the Profiles page Click on the profile you want to edit (observe that profiles with the READ ONLY flag cannot be edited) Select the Firewall page from the options on the left Under General settings, set the Use Windows Firewall-setting to the desired mode (to prevent anyone from being able to modify the setting locally, click the lock-icon on the extreme right side of the setting, so that the lock is closed)
The Windows Firewall will always follow the setting in Computer Protection. Users with sufficient rights can turn the firewall on or off directly through the firewall settings in Windows, but it will be forced back again in a few seconds time. Leaving the setting unlocked in the settings profile will allow for local settings to override the value stated in the profile, see the following examples: Profile setting: firewall ON, setting unlocked Setting in Computer protection UI: OFF Result: the Windows Firewall will be forced OFF Profile setting: firewall ON, setting unlocked Setting in Computer protection UI: ON Result: the Windows Firewall will be forced ON Profile setting: firewall ON, setting locked Setting in Computer protection UI: Will be forced ON Result: the Windows Firewall will be forced ON
Article no: 000016070
... View more
This article is applicable for the following products: Client Security, Server Security, PSB Server Security, Computer Protection. A scheduled scan task by F-Secure products does not seem to be created in the user interface, does not start or work. What do I do?
1. When scheduled scan configured in the F-Secure product, it creates a scheduled scanning task in the Windows Task Scheduler. If the scheduled scan does not start, you can verify if the task was actually created in Windows Task Scheduler:
Click Start. Go to Control Panel > System and Security. Click Administrative Tools. Select Task Scheduler. Select Task Scheduler Library. Look for Scheduled scanning task. (or the customized scheduled scanning task name you defined via Policy Manager Console or PSB profile editor) Delete the Scheduled scanning task. (or the customized scheduled scanning task name you defined via Policy Manager Console or PSB profile editor) Disable and re-enable back the scheduled scan.
2. If the scheduled scanning task is not found, try re-configuring the scheduled task (e.g. make a change in the scheduled scan, then distribute new policy from Policy Manager, or save and publish the profile on PSB Portal). 3. Try to execute the scheduled scanning task in Task Scheduler manually and see if it works. If not, the scheduled task is disabled via GPO mostly. 4. For Server Security 12.x and PSB Server Security 12.x, try to restart FSGKHS (F-Secure Gatekeeper Handler Starter) services and verify if the scheduled scanning task works after that. 5. If you enclose the string with quotes, the scheduled scan will not work. Remove the quotes via the Policy Manager Console, distribute the new policy or PSB profile editor, save and publish the profile. Does not work: "/t18:00 /b2018-8-1 /rdaily" Works: /t18:00 /b2018-8-1 /rdaily 6. If the scheduled scanning task can be found in the Task Scheduler Library but is not visible in the application user interface - that is to be expected. Since the task is being configured and scheduled centrally, it is not handled via the end-point protection application, but via Windows Task Scheduler, and in this sense is not configured in the end-point protection application user interface. Note:
The Windows operating system is up-to-date. Ensure that the host remains ON until the scan completes
Article no: 000001990
... View more
How to allow an application, when my Internet Security or Anti Virus blocks a safe application?
To allow an application that DeepGuard has blocked:
Open the program. Go to Tools > App and file control. Select the Blocked tab. Select the blocked application that you want to allow. Click Allow. Click Yes to confirm that you want to allow the application to be run.
Now the application is allowed to be run on the system.
Note: To view all the currently excluded files and applications, select the Excluded tab in the App and file control view.
Note: To prevent it from happening again in the future, please inform our Labs about the blocked application. You can also exclude files from being scanned when you are sure that the folder includes applications that are safe. To add files or folders that you want to exclude:
Open the program. Go to Tools > App and file control. Select the Excluded tab. Click Add new. Select the file or folder that you want to exclude. Click OK.
The selected files, drives or folders are excluded from the future scans.
Article no: 000012542
... View more
Why is F-Secure Internet Security/Anti-Virus showing "license is expired"?
There can be several reasons for this message.
The subscription key has expired, if that is case, then you need to renew your F-Secure Internet Security / F-Secure Anti-Virus program in the following way: https://community.f-secure.com/t5/F-Secure-SAFE/How-do-I-renew-F-Secure-Internet/ta-p/109586 The subscription was used several times on the same device. The subscription is in use with some other device. The Windows system was restored. The key has been locked because it has transferred the license time to another key.
To use your valid F-Secure Internet Security / F-Secure Anti-Virus subscription key in your program, do the following:
Open F-Secure Internet Security / F-Secure Anti-Virus. Click on the Renew now button from the main page of the program. Insert your F-Secure Internet Security / F-Secure Anti-virus subscription key ( xxxx-xxxx-xxxx-xxxx-xxxx). C lick Continue.
If this doesn't help the situation:
Uninstall F-Secure Internet Security/Anti-Virus using the Uninstallation tool. Download the program Internet Security or Anti-Virus. Start the installation. Enter the current subscription key (xxxx-xxxx-xxxx-xxxx-xxxx) . Click Use license again, If you receive a message that the subscription key is in use, click use license again.
Note: If you see other error message regarding the license activation, contact F-Secure support for further assistance.
Article no: 000001416
... View more
How to migrate the F-Secure Policy Manager Server to the new Windows Server?
If you want to keep the DNS name, just move h2db to the new host, stop the old host and start the new one. If you change the DNS name of the server, you must follow the instructions below: Please read the following instructions completely before you start working on the server. Create a backup of the PMS: 1. Stop the Policy Manager Server service. 2. Back up the directory <F-Secure Installation Folder> \ Management Server 5 \ data \ h2db>. 3. Restart the Policy Manager Server service. Now perform the installation on the new server. The current installation file can be found on our website: https://www.f-secure.com/en/web/business_global/downloads/policy-manager Note: To avoid the communication issues, use exactly the same ports by the installation like for the old F-Secure Policy Manager Server . To restore secured Policy Manager data: 1. Stop the Policy Manager Server service. 2. Copy the backup to the <F-Secure Installation Folder> \ Management Server 5 \ data \ h2db> directory to the correct location. 3. Restart the Policy Manager Server service. After the installation is complete, the new F-Secure Policy Manager Server has the complete domain structure, including the settings. After logging into the old server using the Policy Manager Console, enter the address of the new Policy Manager Server <F-Secure Management Agent / Data Communication / Protocols / HTTP / Management Server Address> and distribute the policies for all your policy domain. Now all clients will connect the new server. Once all clients are connected without errors with the new Policy Manager Server, you can turn off the old one. The procedure is also discussed in the following community article: https://community.f-secure.com/t5/Business/i-need-to-move-policy-manager-to/m-p/13961
Article no: 000002290
... View more
Steps to clear up ORSP cache in F-Secure Client Security / Computer Protection / SAFE / Internet Security.
Click Start, type in cmd.exe in the search bar, and press Enter In the command prompt window type in the following command and press Enter:
For SAFE (64-bit)
cd C:\Program Files (x86)\F-Secure\SAFE\Ultralight\ulcore\<highest directory number>
For SAFE (32-bit)
cd C:\Program Files\F-Secure\SAFE\Ultralight\ulcore\<highest directory number>
For Internet Security (64-bit)
cd C:\Program Files (x86)\F-Secure\Internet Security\Ultralight\ulcore\<highest directory number>
For Internet Security (32-bit)
cd C:\Program Files\F-Secure\Internet Security\Ultralight\ulcore\<highest directory number>
For Client Security (64-bit)
cd C:\Program Files (x86)\F-Secure\Client Security\Ultralight\ulcore\<highest directory number>
For Client Security (32-bit)
cd C:\Program Files\F-Secure\Client Security\Ultralight\ulcore\<highest directory number>
For Computer Protection (64-bit)
cd C:\Program Files (x86)\F-Secure\PSB\Ultralight\ulcore\<highest directory number>
For Computer Protection (32-bit)
cd C:\Program Files\F-Secure\PSB\Ultralight\ulcore\<highest directory number>
Note: If there are more than one sub-directories inside of the ulcore directory, select the largest sub-directory number for <highest directory number>
Type in the following (note the double dash --), and press Enter:
For 32-bit systems: orspdiag.exe --cache-clear For 64-bit systems: orspdiag64.exe --cache-clear
Accept with the letter Y when asked, then press Enter After completion, close the command prompt
Article no: 000004992
... View more
This article applies to the following F-Secure products: Computer Protection for Mac, Client Security for Mac, SAFE for Mac, SENSE Application for Mac F-Secure product is installed on a Mac computer but the user interface shows that computer is not protected and that the real-time scanning is not activated.
After installation of the Mac product on macOS High Sierra, a red F-Secure (X) icon may appear when running real-time scanning. This is due to a new security feature, which has been introduced in macOS High Sierra (10.13) or higher. During first time installation, the security feature requires you to allow system software from F-Secure. Until the software is allowed, real-time scanning will fail.
Once the installation is complete, allow F-Secure software as follows:
Go to System Preferences > Security & Privacy, and select the General tab. Click Allow. Once this is done, the icon status changes to normal and the error message disappears.
Note: The steps described must be performed locally on the machine and not remotely. Full instructions with pictures: https://community.f-secure.com/t5/Business/Issue-with-real-time-scanning/ta-p/100546 In case the mentioned solution above does not work, carry out the following solutions one by one and verify if the real-time scanning could be enabled. Solution 1:
Check in System Preferences > Security & Privacy > Privacy > Accessibility and remove or disable 3rd party accessibility software such as the Better Touch Tool or MagicPrefs. Go to System Preferences > Security & Privacy. Select the General tab. Click the Allow button.
Check in System Preferences > Keyboard > Shortcuts > Full keyboard access to enable full keyboard access. Go to System Preferences > Security & Privacy, and select the General tab. Use Tab key to move the focus on the Allow button Press Spacebar on your keyboard while the Allow button is active.
Solution 3: Add F-Secure Team ID (6KALSAFZJC) to the list of approved kext developers by using "spctl kext-consent" command in the Recovery mode. Refer to the following page for more detail information: https://developer.apple.com/library/content/technotes/tn2459/_index.html#//apple_ref/doc/uid/DTS40017658-CH1-TNTAG4
Article no: 000001668
... View more
Software Updater is unable to download Java updates. Trying to use the same download link that is written in the logs leads to an error, so it can't be used manually.
Oracle has changed the way Java is licensed. A side effect of this is that Java updates can be downloaded only from the vendor's server with authentication. This stops Software Updater from downloading the Java update. We have published a change to Computer Protection to stop showing Java update as a missing update in Software Updater. After this, you will need to install Java update manually (not via F-Secure Software Updater). At the same time, we are not going to change the Software Updater behavior for the rest of the products. To stop Software Updater from trying to install the problematic Java update automatically, you can exclude the Java Update from the automatic installation by following these steps: If you have a Business Suite product (Client Security or Server Security)
Log in to Policy Manager Console Select the target group from the Domain Tree Go to the Settings tab Select Software Updater Click on Add from the right side of the Exclude software from automatic installation list Use Java as the software name to exclude it
If you have a Protection Service for Business product (Computer Protection or Server Protection)
Log in to the PSB Portal Go to the Profiles page Click the profile you want to edit Select Software updater Click Add software below Exclude software from automatic installation Write Product=Java to exclude Java software from automatic installation
After the change, you will need to install the Java update manually. NOTE: The above mentioned information is also available in the following community article: https://community.f-secure.com/t5/Known-Issues-in/Software-Updater-unable-to/td-p/116932
Article no: 000011585
... View more
How to download and install F-Secure Protection Service for Business (PSB) products, like Computer protection, Server Protection or Email and Server Security?
To download an install F-Secure Protection Service for Business (PSB) products, follow the steps below:
Log in to PSB Portal
EMEA (PSB1) America (PSB2) APAC (PSB3) EMEA2 (PSB4) EMEA3 (EUSMI)
On the side navigation bar, click Downloads Select the product that you wish to install to download the installer Run the installer
For some products there is also the option to send the installation file to a user via email: https://help.f-secure.com/product.html#business/psb-portal/latest/en/task_4BBCD978718B46C2ACD5D21B65A59DDC-psb-portal-latest-en
Article no: 000001426
... View more
A user has forgotten their password to Secure Reader and there is no direct way to reset it.
For internal users, the password can be reset through the appliance webGUI:
Log in to the appliance webGUI Go to the System-tab Navigate to User Management->Users on the right Search for the users email-address Click the email address to bring up the user details Go to the Authentication-tab Click the Reset-button next to the password The user will get a welcome email with a temporary password and a link to the end user services that is valid for 30 minutes
For external users, the recommendation from Proofpooint is to remove the user and have them re-register:
Log in to the appliance webGUI Go to the System-tab Navigate to User Management->Users on the right Search for the users email-address Check the box to the left of the account that needs to be removed Click the Delete-button on top of the user list The next time the user tries to access the Secure Reader, they will be prompted to create a new account
Removing a user has no impact on how the user can access mails in the future. After the re-registering they will be able to access all their secure mails as before, as long as they are still stored on the appliance. Although the temporary password sent by the welcome-email will work for an external user to access the Secure Reader, the link in the mail to the end user services will not. As this might cause unwanted confusion the better solution is to remove the current user completely.
Article no: 000007798
... View more
After upgrading to F-Secure Client Security 14.10 or F-Secure Server Security 14 Client keeps asking for restart with notification "restart required F-Secure product received a critical update. To keep your protection up to date, restart your computer. Remember to save your work" After a restart the same notification is shown again F-Secure Ultralight services are not listed in the Windows services list Capricorn update is missing from Updates list in the local user interface
Note: If you click on the view log file button in the Updates view, it will bring you to the aua.log, where you can see similar entries: I: Installation of 'F-Secure Ultralight Core Update 2019-08-22_01' : Processing I: Installation of 'F-Secure Ultralight Core Update 2019-08-22_01' : Retry at restart I: Installation of 'F-Secure Hydra Update 2019-08-28_04' : Processing I: Update check completed successfully I: Installation of 'F-Secure Hydra Update 2019-08-28_04' : Retry at restart
This issue is related to Ultralight not installing or updating correctly. You can install one of the hotfixes bellow to solve the problem:
FSCS1410-HF01 FSCS1410-HF02 FSCS1410-HF07
Note: All these Hotfixes are applicable for Server Security 14.00 and Client Security 14.10 These hotfixes are not publicly available from our homepage. Open a support request and our customer service team can send you the hotfixes. If these hotfixes do not resolve the issue and Capricorn update is still missing from the Updates list, you can try removing the Capricorn update from your Policy Manager Server and re-download it. Follow these steps to re-download Capricorn update on your Policy Manager Server:
Stop Policy Manager Server Service Delete the following folder: C:\Program Files (x86)\F-Secure\Management Server 5\data\guts2\updates\capricorn-win64 Start Policy Manager Server Service
The Policy Manager Server will now re-download the missing Capricorn update. Wait for 30 minutes and check from the client if it has now been able to download and install Capricorn.
Article no: 000014676
... View more