Policy manager - Autodiscover window and installing updates

Hello

How come (in the autodiscover window) that the console is unable to register the installed version of FSMA?

As seen on the below screenshot, all are registered as unknown or unknown, unavailable. This has been the case for as long as I can remember (We have used F-secure for several years). I would be nice to know if the clients are updated or dont have anything installed!

Another issue that has been bugging me is that the console is unable to bypass the firewall on the F-secure klient version, so you cannot roll out updates without disabling the firewall first. I take it there is a way to setup access between the management server and the client in the firewall settings? Anyone know what I should add to make it work without disabling the firewall?

Thanks in advance

Find more posts tagged with

Comments

thommck

I was getting this on Windows 7 PCs that I had pushed the installation too.

I started the "Remote Registry" service from the PCs' Windows Services Management Console and the Auto-discover then worked as expected.

If you change the services startup type to "automatic" then it should start up when the PC does.

I was thinking of doing this through group policy but that may open up more security holes than it may be worth?

jhc_dk

Thanks for your lengthy reply, but we stalled at the inability of the "autodiscover windows hosts" window to display the installed fsma version (unable to connect to registry problem).

I have tried to grant access to lots of f-secure registry settings with a gpo, but still the manager can't access that information.

I am able to deploy f-secure from that window, although new clients aren't showing up in the console (even when they are forced to generate a unique ID), but that's for another topic, I guess. It's been a while since I dug deep into the f-secure issues, but there seems to be so many issues, once you get going.. it's hard to recommend the product, but we are getting it cheap as a school license, so I guess we will just have to live with these annoying bugs.

jackma

Hi,

I cannot comment on your direct effect you have, you should contact support for that: http://www.f-secure.com/en/web/business_global/support/contact

But I believe you are trying to upgrade already installed F-Secure clients?

Then optimally not a push installation should be used, but our policy based installation type. Is there a reason you do not prefer it this way?

There is a "installation" tab where you will see how many systems have which version of the product installed. Unfortunately that will not help you identify which systems have no F-Secure at all - but by using the auto discover hosts you are also only relying on seeing online hosts, hosts switched off will not give any feedback at all.

Possibly a rollout script can also help make sure the product is installed everywhere like this one :

Example script (install.bat):

ECHO OFF
IF EXIST C:\dummyfile.0 EXIT
START /WAIT psbinstallationfile.exe /SILENT /K:xxxx-xxxx-xxx /LANG:ENG /REBOOTDELAY:360
PRINT > C:\dummyfile.0
EXIT

Comment: The script will obviously have to be run with at least local administrator privileges. It will not install the products twice as long as it can find the C:\dummyfile.0 file which is checked before the actual installation starts.

jhc_dk

I take it there is no solution to this problem?

MJ-perComp

I guess that is because it is searching the old 32-bit entries...

jhc_dk

Im guessing I have to enable remote access to some registry settings (?) - but which?

I tried enabling remote access to:

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Data Fellows\F-Secure\Management Agent

Which has a version number and other info, but client fsma version is still being listed as unknown.

jhc_dk

Well neither are running. So that's not the answer

MJ-perComp

To resolve the Version PMC would need access to the remote registry which is blocked by either Windows Firewall or F-Secure Firewall.

daempii

Hi there. This may be old, but I still want to know if this problem has been fixed or any feature has been added to resolve this? Thanks.