
F-Secure Server Security 14.00 can't update in DMZ

Pand
Pand Posts: 9 Security Scout

Hello 

 

I have a server in the DMZ with an internet connection, without a connection to my Policy Manager located outside the DMZ.

 

I updated FSS from 12.00 to 14.00 and I can't download the update database from the Internet. When I try to download an update, I get the status "waiting for connection".

 

As I remember, in 12.00 there was no problem and updates were downloaded automatically from the internet. For security reasons I don't want to open ports on my firewall in the DMZ to connect to Policy Manager.

 

Is FSS 14.0 trying to connect to Policy Manager and download updates from there?

How can I update FSS14.0? 

 

Thanks

Pand

Comments

  • Pand
    Pand Posts: 9 Security Scout

    The logs are showing:

    Update check failed, error=210 (unable to resolve host)

    Connection failed

  • JamesC
    JamesC Staff, Moderator Posts: 545 W/ Moderator

    Hi Pand

     

    The update server is different for version 14, which could be the reason you are not receiving updates.

     

    You need to ensure that the connectivity to our public update server (guts2.sp.f-secure.com) has been whitelisted in your environment, and check that GUTS2 fallback has been enabled.

     

  • Pand
    Pand Posts: 9 Security Scout

    Hi Jamesch, 

     

    Thanks for your reply. 

     

    I would like to inform you that guts2.ap.f-secure.com is whitelisted in my environment. The F-Secure server still tries to connect to my Policy Manager, which is outside the DMZ and blocked by the firewall. I would like to avoid allowing connections from the DMZ to the enterprise network.

     

    I need to install a standalone F-Secure Security Server 14.00 on my server located in the DMZ, but updates must come from the internet. In its current state it doesn't work.

     

    How can I force F-Secure Security Server to download database updates directly from the F-Secure servers?

     

    Below is a screenshot from FSS 14.00 and the AUA logs.

     

    image.png

     

    Thanks, 

    Pand

  • JamesC
    JamesC Staff, Moderator Posts: 545 W/ Moderator

    Hi Pand

     

    Have you checked your fallback settings? If the issue still persists, moving forward, we will investigate the case which you have submitted.

     

    Capture.JPG

     

    For new standalone installations, the product will need at least 3 hours to download all of the Ultralight component and the rest of the updates.

     

    You do not need to restart the machine, even if a reboot is prompted, until all updates are installed (3+ hours required).

    If you restart earlier, not all updates will be present, and a new round of up to 3+ hours will be needed to complete the download after boot. The restart dialog will be shown again in 20 minutes.

     

    Please only restart after all updates are installed (3+ hours required).

     

    It will behave as below:
    ============================================================
    1. The first approach downloads the ULU handler
    2. The second approach downloads ulcore
    3. The third approach downloads all the rest of the UL db updates
    4. Each one happens after the failover timeout, which is a 1-hour interval

    ============================================================

    The behavior can be seen in AUA.log:
    2019-07-18 17:13:46.508 [0a2c.0cc0] I: Connecting to guts2.sp.f-secure.com
    2019-07-18 17:13:46.819 [0a2c.0cc0] I: Downloaded 'F-Secure Ultralight Updater Update 2018-09-18_01' - 'ulupdater-win64' version '1537259154'
    2019-07-18 17:13:46.819 [0a2c.0cc0] I: Update check completed successfully
    2019-07-18 17:13:46.819 [0a2c.0ff0] I: Installation of 'F-Secure Ultralight Updater Update 2018-09-18_01' : Processing
    2019-07-18 17:13:47.475 [0a2c.0ff0] I: Installation of 'F-Secure Ultralight Updater Update 2018-09-18_01' : Success
    2019-07-18 17:13:48.663 [0a2c.0cc0] I: Connecting to wait.pmp-selector.local
    2019-07-18 17:13:48.663 [0a2c.0cc0] I: Update check failed, error=210 (unable to resolve host)
    2019-07-18 17:13:48.663 [0a2c.0cc0] I: Connecting to wait.pmp-selector.local

     

    After it downloads the Ultralight handler, it will try to connect back to the Policy Manager Server. In this period, the product is still not protected since the rest of the Ultralight component has still not been downloaded. It needs to wait for another fallback for the 2nd approach and so on.
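
As an added example (not part of the original thread and not F-Secure code), the following Python script parses AUA.log lines in the format quoted above and attributes each update-check result to the host that thread last connected to, so an administrator can tell successful public-server downloads apart from Policy Manager fallback failures such as error=210. It assumes the second hex field in the brackets identifies the worker thread; `summarize` is a hypothetical helper name.

```python
import re
from collections import defaultdict

# Sample lines copied from the AUA.log excerpt quoted in the post above.
SAMPLE_LOG = """\
2019-07-18 17:13:46.508 [0a2c.0cc0] I: Connecting to guts2.sp.f-secure.com
2019-07-18 17:13:46.819 [0a2c.0cc0] I: Downloaded 'F-Secure Ultralight Updater Update 2018-09-18_01' - 'ulupdater-win64' version '1537259154'
2019-07-18 17:13:46.819 [0a2c.0cc0] I: Update check completed successfully
2019-07-18 17:13:46.819 [0a2c.0ff0] I: Installation of 'F-Secure Ultralight Updater Update 2018-09-18_01' : Processing
2019-07-18 17:13:47.475 [0a2c.0ff0] I: Installation of 'F-Secure Ultralight Updater Update 2018-09-18_01' : Success
2019-07-18 17:13:48.663 [0a2c.0cc0] I: Connecting to wait.pmp-selector.local
2019-07-18 17:13:48.663 [0a2c.0cc0] I: Update check failed, error=210 (unable to resolve host)
2019-07-18 17:13:48.663 [0a2c.0cc0] I: Connecting to wait.pmp-selector.local
"""

# Assumption: "[xxxx.yyyy]" is two hex ids; the second is used as the thread key.
LINE = re.compile(r"^(\S+ \S+) \[([0-9a-f]+)\.([0-9a-f]+)\] (\w): (.*)$")
CONNECT = re.compile(r"^Connecting to (\S+)$")
FAILED = re.compile(r"^Update check failed, error=(\d+) \((.*)\)$")
DOWNLOADED = re.compile(r"^Downloaded '.*' - '([^']+)' version '([^']+)'$")

def summarize(log_text):
    """Attribute each update-check outcome to the host its thread last connected to."""
    current = {}  # thread id -> host of the most recent "Connecting to"
    hosts = defaultdict(lambda: {"connects": 0, "ok": 0, "errors": [], "downloads": []})
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip blank or unrecognized lines
        thread, msg = m.group(3), m.group(5)
        if c := CONNECT.match(msg):
            current[thread] = c.group(1)
            hosts[c.group(1)]["connects"] += 1
            continue
        host = current.get(thread)
        if host is None:
            continue  # outcome with no preceding connect on this thread
        if f := FAILED.match(msg):
            hosts[host]["errors"].append((int(f.group(1)), f.group(2)))
        elif d := DOWNLOADED.match(msg):
            hosts[host]["downloads"].append(d.groups())
        elif msg == "Update check completed successfully":
            hosts[host]["ok"] += 1
    return dict(hosts)

if __name__ == "__main__":
    for host, stats in summarize(SAMPLE_LOG).items():
        print(host, stats)
```

On the quoted excerpt, the only error=210 entry is attributed to wait.pmp-selector.local, while the check against guts2.sp.f-secure.com completes and delivers the updater package.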

  • Pand
    Pand Posts: 9 Security Scout

    Hi, 

     

    Many thanks for your support! 

     

    Yesterday I noticed that after installation of FSS 14.00, updates were completed after 2 hours.

     

    The problem with installation in the DMZ is solved now :)  I wasn't aware it would take such a long time.

     

    Best regards, 

    Pand

This discussion has been closed.
