Elements Endpoint Protection Portal Changelog

PetriKuikka

Hi,

 

a new release being rolled out with just some changes for the upcoming F-Secure shared authentication features. More information on it at https://community.f-secure.com/t5/Protection/PSB-Portal-user-migration-to/m-p/108739/highlight/true#M1106

 

PSB Team.

witkkr

Hi,

 

A new release is being rolled out with following changes:

 

- Home, device listing and details views contains now elements related to Rapid Detection and Response

- Mac installer for Rapid Detection and Response Standalone available in Download view

- Downloading EXE/Mac installers for Computer Protection/Rapid Detection and Response will now use wizard that will include subscription keycode indownloaded file.

- Setting channel upgrade date is restricted

grzemus

Hi!

 

Starting from the 14th of November 2018 it is possible to change subscription to Computer Protection and RDR and Computer Protection Premium and RDR. 

 

Regards,

PSB Team

PetriKuikka

Hi,

 

A new release is being rolled out with following changes:

• Remote Isolation is a new Computer Protection security feature allowing to isolate a computer with an operation from PSB portal. It deploys a strict firewall policy that effectively blocks all communications to and from this computer. It provides the last resort option for an admin if a serious security risk is suspected. For Rapid Detection and Response (RDR) customers, isolation may be triggered by the automatic detection of a security risk. The isolated state of the device is then clearly visible on PSB portal and in RDR portal. Note! This isolation feature works only with clients with version 18.17 or newer.
• Fixed isssue in Computer Protection profile editor where "Allow Other Rules" option gets switched back on if you edit any rule in the firewall rules table.
• Improved error handling for scenarios where you try to install e.g. Rapid Detection and Response standalone installer with CP+RDR subscription.
• If company has not yet migrated to Computer Protection, 'Add device' wizard prohibits use the of 'Computer Protection and RDR' / 'Computer Protection Premium and RDR' subscriptions. These subscriptions types do not work with Workstation Security installer.

PSB Team

PetriKuikka

Hi,

 

a new release with following changes has been rolled to all PSB portals:

• Fix for Profile management for Dataguard is now available. Administrators can now configure Dataguard amd Application Control settings for companies with only Computer Protection Premium + RDR subscription.
• Change subscription key within a Solution Provider: Previously, the change of subscription key from PSB portal was limited to subscriptions within the same company.
• Add ability to control suspicious files uploads to cloud in UI: Previously, it was possible to control this setting only from the client. However, a company may wish to control it due to a company policy or in special cases to limit uplink traffic. In some cases, the Capricorn engine may initially generate a bit more uplink traffic, so the admin will now be able to mitigate the issue.
• Password Protection: a possibility to remove a single device used by user.
• Mac Profile editor: a possibility to set a scheduled scan for malware (corresponding Mac client is being released).
• REST API: All devices can be exported as JSON providing faster listing.
• All UI error messages now containt the transaction ID for faster support.
• Help text to explain the possibility to use the +notation when email is already in use in the share F-Secure authentication services.

 

PSB Team

PetriKuikka

Hi,

 

a new release is being rolled out to all systems with following changes:

• Firewall disabled by GPO are highlighted on portal: Previously if the firewall was activated according to PSB policy, but if the full Windows firewall was disabled by GPO on the computer, we did not notify the admin. With this change, Windows FW disabled by GPO will be highlighted to the admin. The admin may also use the filter to find all FW disabled by GPO
• Password Protected uninstallation: Previously the PSB portal allowed to allow or not the user to uninstall. Now this change allows to let users knowing the uninstallation password to uninstall.
• Optimized login: The flow is streamlined so that PSB only offers a login button, and both user name and password are entered on OneID Login page. At the same time the functionality to help admins with conflicting users has been removed from the login flow.
• Change password is now only possible through the F-Secure authenticaton service mechanism (previously changing the password through PSB UI was also possible).

PSB Team

PetriKuikka

Hi,

 

new release with following changes is being deployed to all production portals:

• Speed up the PWB Workstation 12 to Computer Protection channel upgrades so that 10% of the subscriptions are upgrade every day.
• Better home view for the first time users who haven't yet installed devices.

PSB Team.

PetriKuikka

Hi,

 

a new release is being rolled out to all PSB systems. This release brings mainly internal performance improvements for the upstream status processing and then some minor UI bug fixes and localizations.

 

PSB Team

Jean-Pierre

Hi,
 
A hotfix release to 1.0.63 is now available with the following fixes:

• Missing Software Updates are now reported well in main section and device details section. The software updates installation button is also available again for you to select and install the patches.
• When Workstation Security upgrades automatically to Computer Protection, if for any reason multiple devices send the same identifiers, we now avoid collisions and overwriting of existing channel upgraded device.

 
PSB Team

Maciej

Hi,

 

We released new PSB version to AMER, APAC and EMEA regions. Features:

• Added incremental statuses to long running remote actions
• Fixed not receiving all Infection alert (reported to user) via email
• Now using disabled toggles instead of ON/OFF state in Dataguard for readonly user
• Now error flyers are now better overlapping the field the validation error comes from
• Fixed deleting an entry in excluded Web Traffic Scanning in RTS section of CP profiles
• Display error message when:
  • Root admin whose ip is not whitelisted tries to login
  • Admins IP address changes within the session
    
• Read only user gets 403 when trying to create a computer protection profile
• New Active Directory category in computer list view and possibility to search with AD values
  • If a customer admin want to see only the devices belonging to specific AD, they can search with it and get a filtered view. Then they may select all to perform some Remote Action.
• Added WINS support to firewall auto profile selection: Automatic Selection of profile is very useful when the customer needs to use the same profile in different sites having different firewall requirements. It allows to select the right firewall profile based on some info such as DNS IP address, Default Gateway IP address and now WINS Server IP address

 

PSB Team

Victor-R

Hi

 

The issue regarding Software Updates not been reported properly on PSB portal described here has been today fixed in all regions

 

We apologize for the inconvenience

 

PSB Team

 

PetriKuikka

Remote diagnostic file (fsdiag): In case of problem with a computer, the PSB administrator can select the computer and request a diagnostic file to be uploaded to F-Secure. The administrator should then provide the reference number (available from the device operations tab, or the view fsdiag operation in support page) to F-Secure in a support ticket.

 

Note that:

• the end user is request to accept the operation
• the partner has no access to the fsdiag
• the fsdiag is deleted after two weeks

PSB team

etomcat

Dear Mr. Petri Kuikka,

 

- I wish to point out that remote FSDIAG apparently only works with CP 19 security software, but now with the remaining FSAV PSB WKS 12.01 computers.

 

- Please also introduce remote file sample submission, as I have great difficulty reporting false malware alarms in FSAV PSB, owing to the difficulty of collecting binary samples within such a dispersed computer population. I'm afraid that feature wish, while already registered, may remain in the developer's limbo list forever.

 

Thanks in advance, Yours Sincerely:
Tamas Feher, Hungary.

fedool

---

@etomcat wrote:

Dear Mr. Petri Kuikka,

 

- Please also introduce remote file sample submission, as I have great difficulty reporting false malware alarms in FSAV PSB, owing to the difficulty of collecting binary samples within such a dispersed computer population. I'm afraid that feature wish, while already registered, may remain in the developer's limbo list forever.

 

We are going to introduce remote quarantine management feature fairly soon and sample submission feature may be possible to implement in that scope. I will check if that's possible.

Woudn't that be nice if you could submit false positive from portal from the "Infections" list?

etomcat

Dear Fedool,

 

Thanks for your quick response!

 

> Woudn't that be nice if you could submit false positive from portal from the "Infections" list?

 

Yes, certainly!

 

(The main problem for me currently is when schools use FSAV PSB, where pupils write program code during IT class but Deepguard false alerts on them. Since the files are entirely new, I can't do anything with their SHA1 hash reported in the alert, as they can't be found on Virustotal, etc. They also have zero reputation and zero prevalence, so the virus lab also can't help me without access to the binary file sample.

 

Another problemful situation is when FSAV PSB makes a potentially false virus alarm, but only the file path and name are provided in the alert, without hash value. I think some of the multiple scan engines inside F-Secure don't support the hash? Anyhow, that way I can't precisely verify if the file is known to Virustotal, etc., so I cannot report it to the virus lab without a binary sample and I can almost never obtain that.)

 

These kind of catch-22 situations could be solved like a gordian knot only if remote file sample submission became possible one way or another.

 

In fact, I would say "remote quarantine management" feature is dangerous without also having remote sample submission! I mean the observer of PSB SoP/SeP webportal is physically distant from the end user customer, who experiences an alleged false alarm. It's not responsible to restore and allow a quaratined file without first verifying its benign nature either in person or via Virustotal, etc. (but FSAV seldom provides the SHA-1 in alerts) or having received a second opinion from the virus lab upon sample submission.

 

It would be risky to rely on just the customer's word over the phone that the file is OK and worthy of restoration from quarantine. (You can't imagine the daily amount of activator, crack, warez, patch, serialz, spyware-in-shareware, fake freeware, etc. related malware alerts in see in an 5000-ish endpoint PSB SoP webportal. I'm in a landlocked country, yet it appears to be entirely populated by pirates and their parrots... I'm fairly sure if asked in person, 99% of the customers would claim to be entirely legal.)

 

Best regards: Tamas Feher, Hungary.

PetriKuikka

Hi,

 

we deployed 1.0.1178 release to some PSB portals yesterday with following changes:

• Improve SWUP remote operations and statuses
• Changed Software Update tab: List view to be the default mode

This release unfortunately dropped the PSB Workstation Security download links from the UI before the EOL for that product. So new release 1.0.1189 is just being deployed to portals that had already gotten the release 1.0.1178 and rest of the portals will be upgraded directly to 1.0.1189.

 

Sorry for the hassle with the download links,

 

PSB Team

etomcat

Dear PSB Team,

 

We have a PSB EMEA "SoP" account with app. 5300 devices under it. Using the portal account with IE browser is acceptably swift, but the views (e.g. list of computers, list of infection reports) are displayed in a kind of blurry font, even though menus of the browser and OS are sharp at the same time.

 

Using Firefox results in overall sharper view, but that browser struggles to compose long lists in the portal without freezing, e.g. the rooster of computers with PSB WKS or CP Standard or CP Premium installed on them. Seems like their "Gecko" web rendering engine has lower performance than Microsoft's Triton, which would be hard to fix independently?

 

Thus, please check if something could be done to offer sharper PSB portal font display for IE browser users, since that one seems to have the necessary list-processing power?

 

(Being on Win 8.1 OS I don't have the Edge browser and I'd rather not use Chrome, since Google Alphabet Inc. lives off syphoning away and selling data and the PSB portal works with customer's data.)

 

Thanks in advance, Yours Sincerely:

Tamas Feher, Hungary.

PetriKuikka

Hi,

 

there is a new release with following new feature deployed to all portals:

• On Company level it is now possible to filted the devices based on Active Directory information.

Also due to an error many computers were channel upgraded yesterday irrespective of the date configured. More info in: https://community.f-secure.com/t5/Business/Information-about-the-Channel/ta-p/115969

 

PSB Team

etomcat

Dear Sirs,

 

I have posted about something related to "PSB EU" infrastructure in the restricted Partner Forum part of this Community and I would like to have an urgent answer for that question, because it is an unexpected and highly concerning development. If there is no acceptable explanation provided very soon then I will have to tell our end-users about it before 16th of April, so they can make an informed decision for themselves.

 

Thanks in advance, Yours Sincerely:

Tamas Feher, Hungary.

mnegacz

Hi,
The new release is available in all regions with the following new features:

• UDID is now present in a mobile devices report.
• Selected SOP admins are allowed to download fsdiags.
• Network isolation can be configured using profile editor.

 

It also includes usability improvements:

• Software updates list and vendor views do not show non installable patches.
• Export time of a mobile device report has been significantly decreased.

FS_tuomee

Hi, 

The new release is available in all regions with the following new features:

 

• Preparation for Server Protection launch: 
  • The support for 3 new server products (that will be visible at launch):
    • Server Protection Premium
    • Server Protection Premium & RDR
    • Rapid Detection and Response for Servers
  • The installations with Computer Protection subscription keys on server operation systems is prevented.
• Security parameters are shown on device details page for MAC (pending a MAC client release)

 

And we have a performance improvement feature as well:

 

• Faster page loading for partners having thousands of companies

PetriKuikka

Hi,

 

we just enabled support for following 4 new products:

• Server Protection - this replaces the old Server Security 12.10
• Server Protection Premium
• Server Protection Premium and RDR
• Rapid Detection and Response for Servers

These products are using exact same installers as the Computer Protection and Rapid Detection and Response are using. There are still limitations in supported server platforms compared to Server Security, e.g. Citrix isn't yet supported. Also the Email and Server Security product is not yet supported with the new Server Protection. For full details take a look at https://community.f-secure.com/t5/Protection/PSB-F-Secure-Server-Protection/td-p/116807

 

This Server Protection is supported by the 19.3 release at https://community.f-secure.com/t5/Protection/Computer-Protection-change-log/m-p/116815/highlight/true#M1601. Earlier versions do not support Server Protection.

 

PSB Team

Jean-Pierre

Hello,

 

We are bringing today a new release with the following features and fixes to all portals in AMER, APAC and EMEA regions.

 

• PSB Server Protection is now available. See previous post for more information. Related to this, you have now three new available features:
  • You can now copy Computer Protection profile to Server Protection profile as well as the opposite
  • Server Security is renamed as Server Protection
  • Server Protection is now available on the public download page

• Remote Quarantine Management working with client version 19.3 and later
• "Select all" checkbox in the devices list view selects all devices, not just visible ones (limited to 500 devices).
• UI switched to use TLS v1.2 policy
• Management Rest API switched to TLS 1.2 only mode with elliptic and RSA ciphers
• Improved translation wording in User Interface
• Computers export CSV is now improved for partners with big amounts of computers

 PSB Team

SergeH

A Solution Provider (SOP) can now customize the F-Secure clients (Computer and Server Protection) with his logo in the bottom left corner, and associate a hyperlink to its support site.

Its logo and associated url can be added by going in the account page, in the action menu, below "Customize portal" to the new "Customize client" option.

 

The logo will be added to all client using a SOP/SEP/Company level profile.

The client using an F-Secure default profile will not show it (but it is possible to clone F-Secure default profile if you wish to show it).

 

etomcat

Dear F-Secure PSB developers,

 

> Selected SOP admins are allowed to download fsdiags.

 

I have a suggestion:

When using the F-Secure PSB webportal to remotely request FSDIAG creation on a Computer Protection 19.x endpoint, please make it possible to include a short message to customize the pop-up box.

 

(The interactive end-user sitting in front of the screen usually cancels the diagnostic permission request immediately, because they are scared by the pop-up window and don't understand what's going on. If I could include a short, custom message in our national language, as part of the pop-up box, that would soothe them and probably result in more acceptance of remote FSDiag requests.)

 

Thanks in advance, Yours Sincerely: Tamas Feher, 2F 2000 kft., Hungary.

etomcat

Hello,

 

> A Solution Provider (SOP) can now customize the F-Secure clients (Computer and Server Protection) with his logo in the bottom left corner,

 

Is it possible to entirely hide the presence of F-Secure PSB Computer Protection 19 on the endpoints or at least make the F-Secure local GUI un-openable, even if the user clicks on the F-Secure icon in the Windows tray?

 

Thanks in advance, Yours Sincerely: Tamas Feher, Hungary.

etomcat

Hello,

 

If an F-Secure PSB admin has remotely started a CP 19 endpoint related action through the webportal (e.g. start a full computer virus scan, scan the computer for missing softwar patches or request to generate a diagnostic result package), is it possible to revoce the action before the task has started or even cancel it when it's already going on?

 

(For example, it turns out the target PC has a slow hard disk for data, filled with 2TB worth of compressed files total, so it would take 12+ hours for a full computer virus scan to complete, but the branch office needs to close for the night.)

 

Thanks in advance, Yours Sincerely:

Tamas Feher, Hungary.

fedool

---

@etomcat wrote:

Hello

Is it possible to entirely hide the presence of F-Secure PSB Computer Protection 19 on the endpoints or at least make the F-Secure local GUI un-openable, even if the user clicks on the F-Secure icon in the Windows tray?

 

Thanks in advance, Yours Sincerely: Tamas Feher, Hungary.

---

It's not currently possible. We need to introduce settings to make it possible on Server operating systems so it may come to other clients too later.

fedool

---

@etomcat wrote:

Hello,

 

If an F-Secure PSB admin has remotely started a CP 19 endpoint related action through the webportal (e.g. start a full computer virus scan, scan the computer for missing softwar patches or request to generate a diagnostic result package), is it possible to revoce the action before the task has started or even cancel it when it's already going on?

 

(For example, it turns out the target PC has a slow hard disk for data, filled with 2TB worth of compressed files total, so it would take 12+ hours for a full computer virus scan to complete, but the branch office needs to close for the night.)

 

Thanks in advance, Yours Sincerely:

Tamas Feher, Hungary.

---

Usually actions are delivered to clients in seconds and it's asynchronous operation so cancelling it is not possible even if you do it right away.

But cancelling long running operations may be possible.

Currently, operations are cancelled by reboot, for instance. So, if your branch closes down and computer is shutdown - action is cancelled automatically.

 

FifiSo

Dear Community,

 

we're eager to announce that a new release is avaiable in all regions with the following new features:

• pilot Client: It allows to receive new version of the Computer Protection and Server Protection clients a few days before the general distribution; it applies to all products like Computer Protection Premium with RDR and can be confiured under profile editor ("general settings" tab).

There are also several bugfixes present:

• mobile devices sorting by last activity is fixed,
• it is now possible to edit/add Browsing Protection / Content Type filtering rules for Computer Protection profiles,
• fixed schedule scan configured from portal that was not working properly sometimes when locked.

In case of any problems please contact our community, as usual.

 

PSB Teams