To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Capteur EDR

Options
dsinpx
dsinpx W/ Member Posts: 2 Security Scout
edited July 5 in About our Community

Bonjour à toutes et tous !

Je rencontre un problème avec le capteur EDR suite à des mises à jour de Windows 11.

J'ai le message suivant : " L'état du capteur est temporairement indisponible "

J'ai désinstallé et réinstalle l'agent WithSecure mais le problème reste le même.

Avez-vous déjà rencontré ce problème ?

Merci

Answers

  • Sethu Laks
    Sethu Laks W/ Partner, W/ Staff, W/ Moderator Posts: 250 Moderator
    Options

    Hi @dsinpx

    Thank you for reaching out to the WithSecure Community!

    Currently, our community page offers support in English. Please repost your query in English to avoid any confusion.

    Thanks

    Sethu

  • dsinpx
    dsinpx W/ Member Posts: 2 Security Scout
    Options

    I have a problem with the EDR sensor after Windows 11 updates.

    I have the following message: "The sensor status is temporarily unavailable"

    I have uninstalled and reinstalled the WithSecure agent but the problem remains the same.

    Have you ever encountered this problem?

    Thanks

  • JamesC
    JamesC W/ Partner, W/ Staff, W/ Moderator Posts: 526 Moderator
    Options

    Hi @dsinpx

    Thank you for the reply.

    You need to ensure that you have allowed the network traffic to the following addresses in your network firewall:

    doorman.sc.fsapi.com, port 443
    baseguard.doorman.fsapi.com 443
    obus.sp.f-secure.com, port 443
    orsp.f-secure.com, port 80
    cacerts.digicert.com, port 80

    Do allow network traffic to these hostnames with wildcard too:

    *.f-secure.com
    *.fsapi.com

    You should also ensure that F-Secure Security Cloud is enabled in your software configuration.

    For Business Suites product
    a) Logon to Policy Manager Console.
    b) Click Settings with advanced View.
    c) Under Settings tab, go to F-Secure Security Cloud Client > Settings > Client is enabled
    d) Select Yes.
    e) Distribute the policy.

    For Elements product
    a) Logon to Elements portal and click Profiles tab.
    b) Select the assigned profile.
    c) Go to Real-time Scanning > Use Security Cloud
    d) Enable the service.
    e) Click Save and publish changes.

    If network traffic is allowed and the Endpoint Detection & Response still not connect, do try this workaround and check if it helps.

    1. Set the registry value "CorporateMode" = "false" in HKEY_LOCAL_MACHINE\SOFTWARE\F-Secure\Ultralight\updates
    2. Execute "C:\Program Files (x86)\F-Secure\PSB\Ultralight\ulu\1591258926\install.exe" as administrator.

    NOTE: The folder "1591258926" represent the ULcore update version. It can be named as different number. Do select the highest numbers which has latest update version.

    This should trigger the installation of F-Secure ulcore channel update and other missing updates.

    1. Open the Endpoint Detection & Response software, go to Settings -> Updates and click on "Check for updates".

    It will take several minutes for the missing updates to download and start installing. DO NOT reboot or interrupt the process.

    If the issue persist, run the F-Secure Uninstallation Tool at here, restart the machine, and reinstall Endpoint Detection & Response software.

Categories