Best Of
Re: F-Secure: left hand doesn't know what the right hand is doing? (PSB remote FSDIAG confusion)
Hi Tamas,
The F-Secure Labs Team will consider about using the remote FSDIAG feature after checking on the possible GDPR constrains of granting the access to the team.
For the meantime, please take note that for malware and false positive incidents, we do still require the file samples to be submitted at the first stage.
While FSDIAG may be useful at a later stage during an ongoing case investigation, FSDIAG doesn’t contain the actual detected samples that we require to fix a detection. In most cases it is often sufficient to submit the affected file samples without requiring an FSDIAG to resolve the case.
Thank You.
MonikaL
Re: Prevent Users from installing certain applications
Hi NinjaLee,
You can create application control rule to block the installation with the below conditions under the Profile in PSB portal.
1. Event: Installer start
2. Action: Block
3. Target signer name: " "
4. Target has trusted signature: " "
Thank you.
MonikaL
Re: Agent for Windows and Server Changelog
A new version of the endpoint clients is made available. As per the new Early access process, it is available first week for clients with "Early access to client software" setting set on in Portal and full availability starts in one week.
The release of clients makes available these products to install with an appropriate subscription key:
- Computer Protection 19.5 (4.05.1065)
- Computer Protection Premium 19.5 (4.05.1065)
- Computer Protection & Rapid Detection and Response 19.5 (4.04.1065)
- Computer Protection Premium & Rapid Detection and Response 19.5 (4.05.1065)
- Server Protection 19.5 (4.05.1065)
- Server Protection Premium 19.5 (4.05.1065)
- Server Protection Premium & Rapid Detection and Response 19.5 (4.05.1065)
The endpoints get automatically upgraded, generally without a reboot.
This release introduces:
- Custom Restart Postpone for Software Updates. Software Updater reboots introduce more configurability and longer times until a reboot must happen.
- Combined Software Update Reboots. We have added logic for not requiring a reboot for every update separately if combining them is possible.
- Default Block Illegal Sites. We turned on the browsing protection setting to Block Illegal sites by default after analysing its contents in more detail to reflect our recommendation. The category includes child pornography.
- Fixes and Improvements. We have fixes a number of issues, particularly around proxied environments.
Should you notice anything worth a mention or question, we always welcome your feedback.
On behalf of the R&D team working on the endpoint Windows clients,
Maaret
maaretp
Re: Linux Agent LS64 Changelog (Elements, Business Suite, Standalone)
F-Secure Linux Security 64 Update 12.0.35 Release Notes
Change Log
- CSLP-3327: Uninstalling Linux Security 64 now properly stops and removes all the associated services.
- CSLP-3289: Alerts are now visible in system log.
Known Issues
- CSLP-3319: Manual scanning cannot be invoked from Policy Manager Console.
- CSLP-3320: Scheduled scanning reports do not contain checksums of the detected files.
- CSLP-3321: Scheduled scanning reports do not contain engine names and versions.
- CSLP-3322: Command-line and scheduled scanning also applies malware actions to files that are part of integrity checker baseline.
- CSLP-3323: Manual channel updates cannot be triggered from Policy Manager Console.
Samuel_L
Re: Antivirus deleteing teamviewer .exe file cannot exclude.
Hi,
I downloaded the Teamviewer client v. 14 and could not immediately reproduce your problem. Would it be possible for you to submit the false positive file (the exe that gives you trouble) for our labs at https://www.f-secure.com/en/web/labs_global/submit-a-sample.
Maaret
maaretp
Re: How do I block a smartphone on PSB
Hi Carlos2285
To block/disable mobile phone via Device Control from PSB web portal, you need to block the following device classes.
Please add a device access rule as below, and let me know if it works:
Display name: Mobile Phone storage
HardwareID: USB\Class_FF
Access level: Blocked
Repeat this rule with the below mentioned device classes to block all smart phones:
HardwareID: USB\Class_00
HardwareID: USB\Class_08
HardwareID: USB\Class_02
HardwareID: USB\Class_EF
JamesC
Re: Quarantine rules for Fw | CS 14.02
Hello Vincent,
Network isolation rules are the firewall rules applied when a managed host gets isolated. It can become isolated either due to Network quarantine feature when certain criteria are not met, or get isolated manually by Policy Manager administrator using Operations > Network isolation > Isolate remote operation. The same isolation rules will be applied in both cases.
Best regards,
Vad
Vad