[PSB] F-Secure Server Protection (Premium): Main differences compared to PSB Server Security

SergeH

The new F-Secure Server Protection software for Windows is launched on 16/05/2019.

 

It is available for download from PSB portal. It will replace the PSB Server Security software that will reach end of life in February 2020.

 

The Server Protection license is a new name for Server Security license.  This license can be used by both the new Server Protection and the old Server Security software.

F-Secure Server Protection is based on F-Secure Computer Protection, Protection Service for Business’s latest generation of endpoint security client. It inherits all the same features and will be continously improved with silent upgrade in parallel with the Computer Protection.

 

Note: This is a separate product from Server Security 14.0 that is used by our on-site solution, even if they share a lot of code.

 

This new generation boasts a lot of new features and improvements compared to the old Server Security software. We recommend that you upgrade as soon as possible by following the guidance in:

"Server Protection migration - availability starting 11th of July 2019"

 

Note that the old Server Security client may discontinue the support of Software Update at the end of June 2019.

 

Major changes in Server Protection compared to Server Security software

- Architecture

• Significantly revised scanning architecture using the latest technology from the F-Secure Lab, including native support for 64-bit scanning technology.

• Silent upgrades without the need to reboot the computer allowing regular introduction of new features

• Completely revised update technology, bringing significant reduction in network bandwidth usage.

• Deployment: MSI package available with all the same Remote Installation capabilities than the Computer Protection

• Extensible client architecture, allowing easier integration of new features. For example, the Premium features and Rapid Detection and Response (RDR) can easily be activated.

- Firewall

 

• Remotely managed Microsoft Firewall: PSB portal display the windows Firewall status and allows to configure specific Firewall profiles.

- Device Control

• To restrict the usage of USB devices, such as a memory stick

• Provide visibility to the USB devices of a server

- Software Update

Server Protection comes with the latest generation of patch management. 

• It clearly display the status of the missing software updates.

• It never forces reboots on servers.

• It continues to install updates even if reboot is requested by one of updates. It means, even if there is no reboot on server, SWUP continues to work and install next updates. In previous version it would just stop and wait for reboot.

• There is an option now in profiles to hide all reboot dialogs and notifications on servers (and workstations as well) - it's useful on terminal servers, for instance.

• Scheduled update can be installed next time the computer resume or restart (depending on settings). In previous version, it would wait for next schedule update.
• Ability to ignore certain applications by excluding them from the scan
• Local user interface for viewing and managing Server Updates 

 

- Remote change of subscription key (without re-installation) from PSB portal

• The server automatically take into use the new product associated with the key (e.g. Server Protection Premium). That replaces the ability to change the key from the local UI.

- Profile management is simplified

• Server Protection profiles are under their own tab and not mixed with Computer Protection profiles
• Computer Protection profiles can be copied to Server Protection and vice versa
• It is possible to import of export configurations (e.g. exclusion or firewall settings) from a profile to another as described in Import / export rows to all tables -feature is now available for Computer / Server / Mac Protection profile editors

- Remote quarantine management

• A quarantined file can be allowed or deleted from PSB portal

- Remote isolation is possible from PSB and RDR portals

• The isolation is based on strict firewall profile and block all external connections.
• The administrator can configure a specific isolation profile in order to connect with its remote management tool.

- Active Directory (AD) filtering

• By searching an AD domain in the device list view, only the computers and servers using this domain are displayed. It is possible to view only Server Protection.
• A new category for Active Directory is also available.

- Remote diagnostic file (fsdiag)

• In case of problem with a computer, the PSB administrator can select the server and request a diagnostic file to be uploaded to F-Secure. The administrator should then provide the reference number (available from the device operations tab, or the view fsdiag operation in support page) to F-Secure in a support ticket.

- RMM Support (Remote Management and Monitoring)

• The integration is the same to Computer Protection integration with RMM software as described in our documentation: Using third party RMM tools

- Improved visibility in device details view

• Scan report in portal: If an admin suspect an issue with a Windows Server, it will be able to check the latest scan report (it might be a scan triggered from portal, or scheduled or manual) remotely.

• Active Directory information: Active Directory name, Organizational unit, Domain Components and GUID are visible.

• Domain and Windows name are visible
• Security Parameters: Disk Encryption Status and Password strength are displayed

- Client customization

A Solution Provider (SOP) can now customize the F-Secure clients (Computer and Server Protection) with his logo in the bottom left corner, and associate a hyperlink to its support site. Its logo and associated url can be added by going in the account page, in the action menu, below "Customize portal" to the new "Customize client".

 

- Pilot mode (see Computer/Server Protection piloting)

In profile editor  (Computer Protection for Windows and Server Protection), general setting, "Pilot client" can be activated in order to receive new version of F-Secure security software one week before their general availability.  We recommend that our partners use this mode to get a preview of new features and to communicate accordingly to their customers.

 

- Client notifications are configurable: shown to all, only to users with admin rights, not shown

Admins can configure now who can see notifications and reboot dialogs or even disable them. A typical use case is to restrict notifications on a server (Server Protection clients only) only to users with admin rights.  

 

Server Protection Premium

The Premium offer can simply be activated by upgrading the subscription or remotely changing the key without any action required on the client. It includes:

- Application Control

• Providing fine grain rules to control the applications running on a server.

• Default security rules to block the most common threats providing yet another layer of defense

• Configurable rules to block or allow applications and scripts

• White and black list

• Monitoring mode to evaluate rules before enforcing them

- DataGuard

Protecting specific folder to block for example ransomware from modifying them. It allows:

• To define applications that are always given access to modify files and folders protected by DataGuard. 

• To define folders on which DataGuard protection is applied.

 

Support for Rapid Detection and Response (RDR) 

RDR can simply be activated by upgrading the subscription or remotely changing the subscription key without any action required on the client.

RDR is an automatic advanced threat identification, that allows an IT team or managed service provider to detect and stop targeted attacks quickly and efficiently. It consists of:

• Lightweight sensors monitor your endpoint users' behaviour and stream the events to F-Secure cloud in real-time.

• F-Secure's real-time behavioural analytics and Broad Context Detection™ distinguish malicious behaviour patterns and identify real attacks.

• Visualised broad context and descriptive attack information make confirming a detection easy. F-Secure Partner or your own IT team manages the alerts, and there's an option to elevate tough investigations to F-Secure.

• Following a confirmed detection, our solution provides advice and recommendations to guide you through the necessary steps to contain and remediate the threat.

 

Support for full range of servers introduced with 19.4 release

• Citrix: this release starts support for Citrix (excluding the imaging scenarios that require recognizing new license uses as same) 
• Terminal Server

 

Features under study ( NOT supported):

- Support for Microsoft Hyper-V and VDI

- Support for Email and Server Protection

• Providing support for Sharepoint and Exchange Server

Features dropped:

- Support for Windows Server 2003 and Windows server 2008 original build (but Windows Server 2008 R2 is supported)

- The local web console is removed and replaced by the User Interface (requiring .NET 4.7.2 or later)

- Neighborcast: The bandwith usage is greatly reduced with Server Protection. F-Secure End Point Proxy (with the coming version PMP 14.21) will in addition introduce the ability to cache software updates.

 

etomcat

Hello,

 

Just to make things clearer, are we talking here about the outgoing version 12.x software and the incoming v14.00 software, for the protection of Windows file servers?

 

Best Regards: Tamas Feher, Hungary.

SergeH

Hello,

This product is actually for PSB our cloud solution.

This is a separate product from Server Security 14.0 that is used by our on-site solution, even if they share a lot of code.

 

But thanks for the question I clarified it in the article as well.