Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- F-Secure Community
- :
- About etomcat
About etomcat
since
23-03-2012
Thursday
etomcat
Superuser
929
Posts
193
Kudos
103
Solutions
21-02-2019
06:31 PM
Hello, > Response: “F-secure Aquarius Update 2019-02-04-09 installed” So It really doesn’t get latest updates. The Bitdefender-based "Aquarius" scan engine has just been deprecated in F-Secure's products. The new main scan engine is sourced from Avira and called "Capricorn". The engine swap should have happened auto-magically under the hood, on all F-Secure version 12, 13, 14 endpoints. If the Capricorn updates regularly then it's OK. If not, please contact F-Secure support with the built-in FSDIAG diagnostic tool's result from a typically affected endpoint and the Policy Manager Server for a through investigation. Best regards: Tamas Feher, Hungary.
... View more
21-02-2019
06:26 PM
Hello, > I need to do one analysis on each one of them as daily task No, you don't. F-Secure is a vendor with highly automated products, so if something is wrong with an F-Secure endpoint and the endpoint is not able to remedy itself (fatal error or security event grade occurances) then you receive an e-mail or syslog alert through the Policy Manager centralized control server. (The kind of misery attitude your message emits is more fitting say the Kaspersky products, which were apparently designed to make the life of corporate IT personnel difficult. Conjure up images of the Volga ship towing crew in Rjepin's famous painting.) If you are worried about targeted attacks, a diagnostic log won't help there. For that "APT" threat, F-Secure has a sensor-based Rapid Detection and Response solution, which can be operated as a service by F-Secure itself or by a local partner with escalation to F-Secure or even by the end-user (if they are a large company with a highly trained IT-Sec department). As for false malware alarms, which are currently on an uptick, the easiest way is to upload the affected file to "Virustotal.com" and send the resulting weblink to F-Secure lab with a few lines of text descibing the issue (i.e. our in-house brewed HR software was hit by a Deepguard or HEUR false alarm today morning). They can access the binary file sample through the VT infrastructure, so I don't recommend fiddling with passworded e-mail attachments and other legacy submission methods that usually don't work reliably. Best regards: Tamas Feher, Hungary.
... View more
20-02-2019
11:33 AM
Dear Sirs, Is it possible to update a Debian 8 Linux based F-Secure Policy Manager Server 12.40.81151 (with java hotfix) to version 14.01 in one go? Would you recommend doing the upgrade directly or better go through versions 12.4 -> 13.1 -> 14? Thanks in advance, Yours Sincerely: Tamas Feher, Hungary.
... View more
06-02-2019
12:44 PM
Dear Sirs, What are the technical differences on Android devices (smartphones, tablets) if the customer subscribes to F-Secure PSB at the "Premium" level? Thanks in advance, Yours Sincerely: Tamas Feher.
... View more
28-01-2019
06:55 PM
Hello, Most likely something (e.g. Microsoft IIS or other webserver) is already using port 443, which is a standard port. Alternatively, something (e.g. Windows' built-in Microsoft firewall) is maybe blocking access to port 443? Best regards: Tamas Feher.
... View more
28-01-2019
03:55 PM
Dear Milka, A personal message was sent, containing the corresponding data. Thanks in advance, Yours Sincerely: Tamas Feher, Hungary.
... View more
18-01-2019
03:23 PM
Hello, I wonder if it is possible to install FSAVCS 13.11 and then upgrade it PARTIALLY to FSCS 14.01, so that only the anti-virus part is upgraded to use new the lean scan engines, but F-Secure's proprietary IS/DFW firewall module remains in use? It would probably need some hacking to achieve such a "hybrid" environment. Best Regards: Tamas Feher, Hungary.
... View more
08-01-2019
03:27 PM
Dear Sirs, If a micro-business customer has about 15-20 "F-Secure Internet Security" licenses in total, which are nearing expiry, could they easily convert their computer fleet to FSAV PSB? Is it enough to visit the computers and enter new 20-character PSB keycode in the local GUI, so that automatic conversion starts or do they need to contact F-Secure support for a conversion command to be pushed via the AUA channel? As a worst case would they need to manually un-install FSIS and install CP18.x on each endpoint? Thanks in advance, Yours Sincerely: Tamas Feher, Hungary.
... View more
07-01-2019
04:21 PM
Dear Sirs, After successfully converting profiles in the F-Secure PSB "EMEA" webportal (all conversions completed without any errors), I upgraded a Windows 8.1 64-bit computer from FSAV PSB WKS 12.01 to PSB CP 18.1x. Regrettably the incoming Windows remote desktop access, which was previously allowed and worked, no longer worked, apparently due to the built-in Microsoft firewall blocking it. Why does that happen, I mean the conversion of profiles was meant to prevent such occurances and avoid the need to perform configuration manually? Thanks in advance, BR: Tamas Feher, Hungary.
... View more
03-01-2019
06:01 PM
Hello, I'm seeing many "HEUR/APC" virus alerts in the FSAV PSB webportal reports lately. This moniker wasn't known previously and the affected files seem to be benign based on name and dir path data, i.e. false alarms. Do you think this situation could be related to the new Capricorn engine? Thanks in advance: Tamas Feher, Hungary
... View more
03-01-2019
04:40 PM
Hello, > Send an email. But i didnt get a reply so far? F-Secure support doesn't work via the e-mail directly, first you have to create a ticket through the web portal. Best Regards: Tamas Feher, Hungary.
... View more
17-12-2018
11:48 AM
Hello, Real-time communications option between FSPM and endpoints can be enabled through config file. (The vendor doesn't make it default due to performace / resource usage reasons, but it is available.) BR: Tamas Feher, Hungary.
... View more
05-12-2018
04:04 PM
Hello, Access to a binary file sample may not even be necessary. I think F-Secure malware detection names that include the string "!Online" are special, as they can be identified from some kind of a cloud repository and fixed for false alarms without sample submission. Best regards: Tamas Feher.
... View more
05-12-2018
04:01 PM
Hello, > Withdraw local admin rights, which is MOST important to secure your systems I think that is a hard-liner approach. Many companies use legacy applications, old in-house developed apps which may require local admin rights. People travelling far with company notebooks may also require a degree of autonomy, so local admin right isn't such an outrageous demand. BR, Tamas Feher, Hungary.
... View more
03-12-2018
07:56 PM
2 Kudos
"Hello, I’m a Technical Support Engineer with JumpCloud, and I’m happy to assist with your inquiry. We had reports last week of F-Secure flagging our agent as a virus. We have since reached out to them and we should no longer be flagged as a virus in their latest definition updates. For reference, see our status on Virus Total: https://www.virustotal.com/#/file/eb28580779183fba11dc278658a40ed35b5a8778556c47e82fe9af00a11b7e68/detection. As you can see, we are still working with some vendors to get us back in the green. If you update to the latest definitions, that should restore the JumpCloud Agent back to working order. Can you please try the update and then let me know how it goes? Thanks, Technical Support Engineer JumpCloud"
... View more
03-12-2018
05:11 PM
Hello,
xxxxxxxx
Is it a good idea to give away the address of your F-Secure Policy Manager Server via screenshots? The host seems to be available from the public internet. Isn't it better to make it only available internally and/or via VPN?
BR, Tamas Feher, Hungary.
EDIT: PII
... View more
16-11-2018
12:23 PM
2 Kudos
Hello, That makes sense, because a full computer virus scan can take hours with near 100% CPU usage and almost constant HDD / SSD access. That could deplete the battery and also make it impossible to perform useful work while the scan is running because many laptops throttle, i.e. reduce the CPU / GPU base clocks when on battery power (for example only 1400Mhz available versus 2800MHz when on AC supply). BR: Tamas Feher from Hungary.
... View more
13-11-2018
05:30 PM
Dear F-Secure, A hungarian educational customer reports that F-Secure endpoint protection (at least the PSB CP 18.x versions) have a problem on computers with Virtualbox installed. That hypervisor software creates a virtual network card, which allegedly has the exact same MAC address on every computer. F-Secure PSB CP 18 apparently prioritizes that "virtual" MAC address for its identifier, instead of the physical network card. Because of that choice non-unique identifier related problems may emerge, e.g. "rotation of endpoints" in the PSB admin webportal view. Sysadmin must manually configure the generation and use of "random computer identifiers" for F-Secure endpoints to work around that problem. Please investigate this report and if necessary, implement the corresponding fixes! (E.g. the known wrong MAC addresses belonging to various hyper-virtualization software could be black-listed for unique ID use by factory defult or something like that.) Thanks in advance, Yours Sincerely: Tamas Feher, Hungary.
... View more
08-11-2018
04:09 PM
Hello, > Can F-Secure Client Security for Mac detect Windows Malware? That would likely mean the Aquarius main scan engine, which is a LARGE resource burden (i.e. many hundreds of megabytes of RAM). Apple users would then probably complain of those slow-downs to which Windows users have long resigned to? Best Regards: Tamas Feher.
... View more
17-10-2018
02:32 PM
Dear Maaret, > Release 18.14 - availability starting 27.9.2018 ... This release introduces: > - OEM Functionality that enables installing on cloned machines > - Changes to prepare for channel upgrades from CP18.5 and WKS12 clients > - Fix for a problem with Google Ads being blocked by Browser Protection I was told CP version 18.14 will also introduce official support for the creation of "monolithic" or off-line usable install packages, but the Downloads page in PSB EMEA webportal still only has the small sized "webstub" format installer. Please tell us how to access the official off-line install kit, without resorting to that ugly hack described in the knowledge base. Thanks in advance, Yours Sincerely. Tamas Feher, Hungary.
... View more
17-10-2018
12:32 PM
Dear Sirs, I wonder if the new "F-Secure ThreatShield" product deb/rpm install kits could really be as small as 360kB or maybe there is some tech fault with the downloads? Thanks in advance, Best Regards: Tamas Feher, Hungary.
... View more
10-10-2018
06:04 PM
1 Kudo
Dear Sirs, > I got my Bosch washing machine working on Sense. I wonder if F-Secure Sense supports securing Tesla battery-electric automobiles, e.g. model 3 / S / X / Roadster / Semi? (Note: Teslas receive frequent firmware updates through Wifi / 3G, including such critical areas as anti-skid braking control logic, so they should be well-protecte when connecting to the net.) Thanks in advance, BR: Tamas Feher, Hungary.
... View more
05-10-2018
01:52 PM
Hello, Upload the affected binary file sample here: https://www.f-secure.com/en/web/labs_global/submit-a-sample (Fill out the e-mail address and the short incident description fields, so you can get a written response from the lab when they have re-evaluated the event and repaired the false alam in the malware definitions database if needed.) Best regards: Tamas Feher, Hungary.
... View more
26-09-2018
04:28 PM
Dear Sirs , I wonder if you have heard of a similar situation: it appears that "anti-virus software removal prevention" functionality doesn't work in the latest bugfixed edition of FSAV PSB WKS 12.01 on the Windows 10 64-bit Enterprise Edition platform? FSAV PSB WKS 12.01 build 283 (tow-hundred eighty three) works properly: when trying to uninstall it using the "Add / Remove Programs" icon in Windows's Control Panel, a warning message appears stating that "Current policy settings prevent removal of this product". FSAV PSB WKS 12.01 build 293 (two-hundred ninety three) fails the test: any local user with just local-admin rights can uninstall it using the "Add / Remove Programs" icon. There is no blocking message displayed, there is no request to enter a special password or PIN code for uninstallation authorization, the secrity suite product is simply removed. The corresponding profile in PSB EMEA webportal has been confirmed as correctly configured and does apply to all of the partiular computers involved in this problem. Thus is it possible to state that PSB WKS 12.01 b293 has a bug? Thanks in advance, Yours Sincerely: Tamas Feher, Hungary.
... View more
25-09-2018
05:30 PM
1 Kudo
Dear Fedool, > 18.14 will support it ... cloned computers support Thanks for the insightful information! However, I still feel FSAV PSB 12.01's mandatory replacement schedule should occur no less than 6 months after general release of the new PSB CP 18 major version, with official "monolithic" installer package support and proper cloned computer unique ID support. It would be irresponsible to set the milestone 6 months after the webinar, with the stumbling block technical problems solved maybe just 4 months before the deadline. It is important to understand that many PSB end-user customers are lacking in IT skills and/or IT personnel (.e.g schools) and they need time, even when the local partners do everything in their power to help with the conversion. The popularity of F-Secure PSB solution was built over several years and the PSB WKS 11/12 client is deeply ingrained in its sucess, so it shouldn't be thrown away easily. Thanks for your kind attention, Sincerely: Tamas Feher, Hungary.
... View more
25-09-2018
03:46 PM
Dear Sirs,
I wish to complain that F-Secure's plan for mass migration to FSAV PSB CP18 and the forced phase-out of FSAV PSB WKS 12.01 is not workable and unrealistic as of now!
That's because FSAV PSB CP 18.5 is unable to properly support cloned computers, which are a major part of many business and educational (school) desktop fleets. The supposedly unique F-Secure computer identifiers are confused and endpoints start to kind of "rotate" in the PSB web portal display. Please see F-Secure support case no. xxxxxx for details.
The above described problem does NOT affect FSAV PSB WKS 12.01 software, which thus remains an essential tool to maintain anti-virus protection in cloned endpoint business and academic environments.
Therefore migration plans should be put on hold until the unique computer ID in PSB CP 18 can be made just as robust and truly unique as it was in PSB WKS 12.01.
Thanks for your kind attention, Sincerely: Tamas Feher, Hungary.
EDIT: Removed Case number details
... View more
20-09-2018
04:01 PM
1 Kudo
Hello, Please consider if you were maybe penetrated via legitimate, but weak password protected, publicly accessible remote desktop links? That's one common attack venue, where hackers find the port, guess the password, get in, install legitimate encryption software, encipher your data and demand a ransom. No malware is involved in that process whatsoever, so anti-virus software cannot do anything in such cases. BR: Tamas Feher, Hungary.
... View more
14-09-2018
04:26 PM
Dear Jari-P, > We have issue with one domain that is sending many password protected Excel files and those are now taken to I'm facing almost the same issue: one domain is sending many password protected Excel files in mail attachment, which should be received by our Exchange / Outlook users for business, but are stopped by the "F-Secure Email and Server Security 12" product. What to do? The particular "*@domain.tld" item has already been added to the FSAVEXCH / Settings / General / Lists and templates / Match List / Domain Exclusion list and that list has been activated under Settings / Transport protection / Inbound mail / Trusted Senders and recipients / Trusted senders. Thanks in advance, Yours Sincerely: Tamas Feher, Hungary.
... View more
14-09-2018
02:46 PM
Dear Vad, Thanks for your response! I was thinking about things like anti-spam add-on integration. Thanks in advance, Yours Sincerely: Tamas Feher, Hungary.
... View more
06-09-2018
03:55 PM
Hello, If a customer uses Terminal Server with a few dozen end users working through remote desktop there, would "F-Secure (Email) and Server Security 12.12" support Outlook 2007 software in such a scenario? Thanks in advance, Yours Sincerely: Tamas Feher, Hungary.
... View more
