E-mail and Server Security 9.20 RTM

Dmitriy

Hello all,

 

I am glad to let you know that F-Secure E-mail and Server Security 9.20 has been released to manufacturing. The new release will be available on F-Secure Webclub shortly. The partners can already find the release notes and installation packages on the Partner Download page.

 

Below are the key features and enhancements implemented in E-mail and Server Security 9.20 release:

• F-Secure Policy Manager 10 compatibility – the product is fully compatible with the latest version of F-Secure Policy Manager.
• Configurable host identity – when deploying the product with F-Secure Policy Manager, the managed host can be identified either with SMBIOS UID or with a randomly generated GUID.
• DeepGuard – improved protection that utilizes real-time behavioral analysis and F-Secure cloud based reputation system.
• Browsing Protection – end users working on a terminal server can safely browse the Web and stay protected against browser exploits and rogue web sites. Browsing Protection supports the following Web browsers: Internet Explorer (32-bit only) and Mozilla Firefox (32-bit only).
• Cloud-Based Security ­– the information about new threats and dangerous sites is collected from customers all over the world on cloud-based technology. You can choose to participate in Real-time Protection Network to contribute to Cloud-based security, which transfers information from the product installations to cloud and back.
• Process exclusions – you can exclude trusted processes from real-time scanning.
• Max number of concurrent scans – you can configure the maximum number of concurrent scanning threads.
• Possibility to disable manual scanning for end users – you can disable manual scanning for all users or to enable it for users with administrative rights only.
• Database update check randomization – to mitigate the so-called “AV storm” effect on virtual environments, database updates can be checked with a random interval at the system startup.
• Support for new platforms – the new release is compatible with Microsoft Exchange Server 2010 SP2, Small Business Server 2011 (Standard edition), Citrix XenApp 6.5.
• New Microsoft SQL Server Express – included the latest version of Microsoft SQL Server 2008 R2 Express (32-bit) that increases the database size limit from 4 GB to 10 GB of storage per database.
• New languages – localization to the following languages has been added to Server Security components: Polish. E-mail Security components have been localized completely anew to the following languages: German, French, Japanese, Italian, Spanish, and Polish.

More details can be found in the release notes.

 

Please note that F-Secure E-mail and Server Security will replace previous F-Secure Anti-Virus for Windows Servers, F-Secure Anti-Virus for Citrix Servers, and F-Secure Anti-Virus for Microsoft Exchange products.

 

Many thanks to those who participated in the Beta program and sent us feedback!

 

Cheers,

Dmitriy

etomcat

Hello,

 

I would like to have some clarification about the following observations:

 

- There are two large JAR files posted for this new product on the F-Secure Webclub portal:

 

One JAR for Windows Terminal Services and File Server Protection and

Another for the combined defence, with Exchange AV+ spam filter functionality

 

I do not understand this situation, since the 9.20 deployment guide warns that Exchange protection can only be installed locally?

 

- Also, the locally installable .EXE file for the F-Secure 9.20 Windows Terminal Services and File Server Protection is the same huge file as the combined Exchange defence. Is that a mistake on WebClub?

 

(On the partner website I see that the locally installable TRIAL .exe file for the F-Secure 9.20 Windows Terminal Services and File Server Protectionhas a normal, small 60MB size, not 180MB.)

 

Thanks in advance, Sincerely: Tamas Feher from Hungary.

Dmitriy

Thanks for asking. I hope that the following table will clarify which product licenses and installation packages should be used in different scenarios:

 

Protection for	Product / licenses	Features	Standalone installation package	Remote installation package
File servers	Server Security	Virus and spyware protection DeepGuard	ess920.exe	ss920.jar
Terminal servers	E-mail and Server Security	Virus and spyware protection DeepGuard Browsing protection	ess920.exe	ess920.jar
Exchange servers	E-mail and Server Security	Virus and spyware protection DeepGuard Browsing protection Anti-Virus for MS Exchange Spam Control	ess920.exe	remote installation not supported

 

There are separate evaluation installation packages: ss920-eval.exe and ess920-eval.exe that come with predefined Server Security and E-mail and Server Security evaluation licenses respectively.

etomcat

Hello Dmitriy,

 

I don't really understand this one. In order to protect remote workers using RDP on a Windows Terminal Services Server with the FSAV 9.20 product , the customer should have an "E-mail and Server Security" (=Exchange protection) Licence from F-Secure.

 

The two things seem to be completely unrelated? In fact I find it much unlikely that any terminal services purposed Windows Server would run Exchange on the same box, considering the very different workloads.

 

Please clarify this topic for us!

 

Sincerely: Tamas Feher from Hungary.

Dmitriy

It is probably confusing, but don't treat E-mail and Server Security as FSAV for Exchange. When you deploy E-mail and Server Security on a Windows Server that does not run Microsoft Exchange, then the setup program does not show/install AV for Exchange (and skips required SQL Express). 

etomcat

Hello Dmitriy, Thanks for the response! What is the situation with virtualization (tech and licensing)? For example a customer has 120 FSAVCS on the client side and they have 4 physical server hardware with Windows 2008 R2 Datacenter Edition, running Microsoft Hyper-V. They have those four server hardware partitioned for a total 15 virtual machines, each VM running Windows 2008 R2 Server Standard Edition. Two of those virtual servers do Active directory, Two run SQL 2008 servers, clustered together Three doing SCOM / SCCM / WSUS management duties Four of those virtual servers do Exchange 2010 Standard (2 x dual-host clusters) One BlackBerry BES, One F-Secure (probably FSPM) One TinLib One LT Auditor In such case, should each Windows 2008 system have FSAV (E)SS 9.20 installed locally, without consideration for their physical or virtual hardware nature? Will the four physical hardware be able to support the 15 virtual machines after all 19 Windows installations received locally installed FSAV (E)SS 9.20, or do you expect major resource expansion requirements? (CPUs added, RAM added, HDD throughput choke, etc.) What should be the licensing? Should each non-Exchange Windows 2008 host be licensed as one full server? (I think it is simpler for Exchange-running machines, since they licence "based on the number of users who have access to the services provided by the product".) Thanks in advance, Sincerely: Tamas Feher from Hungary.

etomcat

Hello Dmitriy,

 

What is the situation with virtualization (tech and licensing)?

 

For example a customer has 120 FSAVCS on the client side and they have 4 physical server hardware with Windows 2008 R2 Datacenter Edition, running Microsoft Hyper-V.

 

They have those four server hardware partitioned for a total 15 virtual machines, each VM running Windows 2008 R2 Server Standard Edition.

 

Two of those  virtual servers do Active directory,
Two run SQL 2008 servers, clustered together
Three doing SCOM / SCCM / WSUS management duties
Four of those virtual servers do Exchange 2010 Standard (2 x dual-host clusters)
One BlackBerry BES,
One F-Secure (probably FSPM)
One TinLib
One LT Auditor

 

In such case, should each Windows 2008 system have FSAV (E)SS 9.20 installed locally, without consideration for their physical or virtual hardware nature?

 

Will the four physical hardware be able to support the 15 virtual machines after all 19 Windows installations received locally installed FSAV (E)SS 9.20, or do you expect major resource expansion requirements? (CPUs added, RAM added, HDD throughput choke, etc.)

 

What should be the licensing? Should each non-Exchange Windows 2008 host be licensed as one full server?

 

(I think it is simpler for Exchange-running machines, since they licence "based on the number of users who have access to the services provided by the product".)

 

Thanks in advance, Sincerely: Tamas Feher from Hungary.

MJ-perComp

Hi,

may I ask why this discussion in in the public forum?

I feel it should be in the partner area!

BR

Dmitriy

Fully agree with Matthias. Please discuss licensing related matters on the partner dedicated area.

etomcat

Nevermind, I just got an official response from FSC Partner Support.

 

BTW, I think it should not be hidden discussion as long as it is about generic licencing concepts, not prices in euros. Excessive secrecy leads to sinister things.

etomcat

Hello,

 

Is there an independent number or percentage, that can be quoted for the anti-spam efficiancy of the FSAV ESS 9.20 RTM product? (Not the specialized F-Secure Proofpoint MSGW 7 appliance.)

 

Thanks in advance, Sincerely:

Tamas Feher, 2F 2000, Hungary.

suntattood

Agreed. As long as there are no vital information that has been spilled, this thread should be placed in public.