To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Hot-Fix: are these downloadable and deployable from PMS?

AndySaab
AndySaab W/ Alumni Posts: 3 Security Scout

Hi!

 

We have just upgraded from a really old f-secure client where we had locally administrated installations and now we decided to use PMS, which seems really nice so far.

 

Three questions remains:

1. Are hotfixes downloaded and deployed to all clients/servers from the FSAUA or are these supposed to be managed using policies and pushed to all clients/servers from PMS and how can i tell what hotfixes are applied to each installation?

 

2. Are all hotfixes included in the JAR-packages from the download page or is the JAR-file "static", meaning that we have to download all hotfixes and deploy them manually (depending on answer on Q1)?

 

3. After installing Server Security on a bunch of servers we discovered that the FS icon is marked with a red cross and, when clicking on it , reporting "malfunction" because no scanners are loaded. If I open the webpage admin on a(ny) of these servers, everything is working as intended. The question here is: is the "malfunction" by design (ie. it should not be possible to perform a scan using the non-web-gui) or have we missed something critical? This is only happening with the Server Security package, Email and Server Security is working fine and also the Client Security is working just fine.

 

Servers are all running 2012 R2, Clients are Window 7 and Windows 10, Exchange server 2013. All servers are patched up completely. We have tried reinstallation (both manually and using PMS to push out the package) several times without success. We cannot initiate a scan using the non-web-gui on any server but there are no problems when using the web-gui.

 

Any ideas/input/thoughts?

Comments

  • AndySaab
    AndySaab W/ Alumni Posts: 3 Security Scout

    Superb, thanks! Already begun the process of deployment to servers, clients and it looks fine so far.

     

    So, of course I have a follow-up question and also a new question :)

     

    1. Does this malfunction in any way impact the products capability to scan on demand or scan in realtime? It looks OK from the web-guis' point of view, we can scan there and realtime scan seems OK. If you suggest that we should re-install the software and remove the OSA, I'll do that, its not a big issue for me actually.

     

    2. Do you have any thoughts on using Exchange built-in spam control together with F-secure Email and Server Security? We have not yet enabled the spam control in Exchange since F-secure is doing a really good job at it so far, I was thinking of testing on one mailbox but I am a bit uncertain because Microsoft (and others) seem to suggest NOT to enable the spam control in Exchange if there is any third party software installed to do the job.

     

    Take care and thanks for the quick reply!

    //Anders

  • Ben
    Ben W/ Alumni Posts: 664 Cybercrime Crusader

    Hello AndySaab,

     

    1.If the Offload Scanning  Agent is installed without SRS server than the scanning and protection will indeed be hindered.

     

    2. It might indeed create some conflict and as Microsoft does not recommend  it, it should be disabled with a third party sofware.

  • AndySaab
    AndySaab W/ Alumni Posts: 3 Security Scout
    Thanks a bunch! I'll get right on it :)

    //Anders
This discussion has been closed.