New here, so hello, and question about endpoint identification and implementation

ITom

hello there

 

I've just signed up with a local partner for F-secure as the endpoint solution for my company. I'll tell you that I've tried just about any big player in the market right now that offers  endpoint protection with centeral cloud management and F-Secure is the winner as far as I am concerned.

 (I fully tested over the last 3 weeks- BitDefender, Trend Micro, Sophos, Mcafree, Kasparskey, Avast, Esset Nod32 and F-Secure)

 

Although the cloud portal isn't the prettiest i've seen, and the policy/profile editor only works in Firefox and can improve some more, the features and flexability and mainly the ability to provide Virus protection for mobile devices under the same portal is the winner for me. Also none other security solution gives me the ability to update software and windows patches remotely as well.

 

I can go on and on but essentially, my choice is where my money and it is here, so yay (well technically it's company money but my budget)

 

To my question:

 

I am about to invite all my end-users (Which most are remote users working in from home or ad-hock office spaces), and I wonder if there's a way to Identify which computer belongs to which user by email (like with mobile devices)? I know that I can create alias for each computer but that will require me to know which computer name belongs to which user and there wasn't a policy on setting computer names prior to my arrival at this company. now 20 users isn't that bad, but I like automation.

 

Hi again and regards

 

Tom

JussiN

Hi ITom,

 

happy to hear you are happy with PSB. There are also rather big renewal going on the PSB Portal UI and the profile editor so please bear with us for a couple of more months with the current one.

 

Unfortunately there is no identification between the email invitation sent (or to be exact the installer the end-user downloads from the link in the email) and the installed client when it registers to the portal. So atm you would need to ask the end-users e.g. to email you their computer name found from "control panel -> system -> computer name" so you would then know who is who when they email those and can add put e.g. their names as aliases.

ITom

Hi Justin

 

I kind of had this feeling that the PSB Portal will get updated soon, seeing how designed f-secure.com is.

 

Thanks for the feed,  couple other quick question:

 

For mobile security, there isn't a locate feature enable in the portal, I thought I saw some thread saying that support can assist with that? Is that so?

 

Also, do you have a good document about schedule scanning in Profile Manager?

 

Regards

 

Tom

JussiN

Locate:
- to enable: on the end-point, turn on the anti-theft feature and set a security code; use e.g. F-Secure Key to keep in your records safely, this is not shown in portal; locate is more is a local feature for the end user as admin cannot run it from portal and does not have access to the security code
- to operate: send SMS to the phone: #LOCATE#security_code (example: "#LOCATE#456238") and you will receive the location as SMS (link to Google Maps with the coordinates)

 

 

Scheduled Scanning:

 

When adding a new task to the Scheduled scanning table, one needs to define:

• Name - The name will be visible in user interface for scheduled tasks on user's computer. Note: each task must have a unique name. The following characters are not allowed in task names: '"<>:/\|
• Task type - It shall be set to 'Scan local drives'. Other types are not supported.
• Scheduling parameters - A command-line type of setting consisting of parameters that determine when the scheduled task is to be executed. The following parameters are supported:
  - Execution time (required): "/tHH:MM", where HH:MM specifies the start time (local time) of task execution; the value is on a 24-hour clock.
  - Execution time, alternative format for "system idle" tasks: "/tiMINUTES", where MINUTES specifies the number of minutes the system must remain idle for the task to start. "/t" and "/ti" parameters are mutually exclusive.
  - Randomization Interval: "/trHH:MM, where HH:MM specifies the maximun time span which can elapse from the start time (local time) of the task to the moment when the task actually will be started; the actual start time will be generated randomly in the bounds of start time and start time plus this interval; the value is on a 24-hour clock.
  - Begin date (optional): "/bYYYY-MM-DD", where YYYY-MM-DD specifies the first date to which the scheduled task execution applies; the year number value must have four digits; if the parameter is not specified then the task's scheduling will apply as soon as the policy with the scheduled task is retrieved by user's computer.
  - End date (optional): "/eYYYY-MM-DD", where YYYY-MM-DD specifies the last date to which the scheduled task execution applies; the year number value must have four digits.
  - Repeat mode (optional): "/rREPEAT_MODE", where REPEAT_MODE has one of the following values: "once" (task will be executed once only), "daily", "weekly", "monthly" (task will be executed once per day, week or month respectively); if the parameter is not specified then the task will be executed daily.
  - Run day (optional): "/sDAY", where DAY is the number of the day in a weekly or monthly execution schedule when the scheduled task should be run. When not specified, the weekly tasks are executed on Mondays, and monthly tasks on the first day of the month always. Multiple days may be specified with multiple /s parameters. For example, /s1 /s5 for a weekly task would cause the task to be executed twice per week, on every Monday and Friday. Similarly, /s1 /s15 /s30 for a monthly task would cause the task to be executed three times each month, on the 1st, the 15th, and the 30th day of the month.
  
  Examples:
  
  "/t18:00 /b2001-10-15 /rweekly" : execute a task weekly starting on Oct 15, 2001 (Monday), at 18:00.
  
  "/ti30" : execute a task daily after the computer has been idle for 30 minutes.
  
  "/t07:00 /rmonthly /s10 /s20 /s30": execute a monthly task at 07:00 on each 10th, 20th and 30th day of the month.
  
  "/t07:00 /tr03:00 /rmonthly /s10 /s20 /s30": execute a monthly task at 07:00 on each 10th, 20th and 30th day of the month with 3 hours randomization interval. So the task actually will be started between 7:00 and 10:00.