To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Standalone/Air-Gap Usage

mtoecker W/ Alumni Posts: 2 Security Scout

Hi Folks,


I'm looking over various anti-virus solutions right now for potential use, but I have a unique wrinkle.  I work in an air-gapped environment, where the systems do not have access to the internet for signature and product updates.  


My question is: Does F-Secure have a method of using their endpoint protection products on standalone networks and to update those products via offline methods?  If so, is there a paper, or instruction, I can look at?


Next wrinkle, I need to install the same products on some standalone systems, which literally have no network connection as you may understand it (stuff like MODBUS).  Any support here?




  • Ben
    Ben W/ Alumni Posts: 664 Cybercrime Crusader

    Hi mToecker, 


    You can use the fsdbupdates tools to update isolated environments


    Our end-point clients don't all support officially standalone installation.

  • etomcat
    etomcat W/ Alumni Posts: 1,172 Firewall Master



    Some remarks:


    - F-Secure's corporate market, workstation protection suite (called FSAV Client Security 12) doesn't have .EXE or .MSI installation package any more. It comes as a .JAR file that can only be made into an .MSI using the "F-Secure Policy Manager" centralized control system.


    ( If you can demonstrate the need to F-Secure support, "Policy Manager" centralized control system can be licensed with an off-line token file. Tthe normal method uses recurring online licenc checks. )


    - Even if you could operate AV protection in totally off-line mode, the protection level will be about 33% less, compared to the networked (access to public net) mode, because instant online reputation lookups (the Cloud) is now a very important aspect of antivirus technology. That's true of almost all AV vendors, not just F-Secure.


    - The "offline" virus recognition database updating method provided by F-Secure is somewhat unefficient, as it means downloading a ~270MB sized file again and again (preferrably once every day for optimal protection) and transferring the file to the isolated machines using a USB stick, for example.


    Best regards: Tamas Feher, Hungary.

  • mtoecker
    mtoecker W/ Alumni Posts: 2 Security Scout

    Thank you everyone for your replies, I'll be taking a look at the solutions provided.  Unfortunately, I don't have a choice in going for the offline version, regulations regarding cyber security in the industry I work in are very specific on what interactions are allowed to the outside internet: none.



This discussion has been closed.