Feature request: Uniform client security status messages, no automatic scan with obsolete virus defi

hyvokar
hyvokar W/ Alumni Posts: 165 Junior Protector

Hi, 

 

1) Would it be possible, that f-secure client would give unifiorm status messages, and not **it like this:
https://ibb.co/fhWLae

https://ibb.co/cpgmFe

 

Also, when checking the virus definitions on the client, it says 32 days old. When checking from Policy manager, it says current. How about, having a same date on client and policy manager?

 

2) Option to not start automatic scheduled scan if virus definitions are old. it seems that virus definitions cannot be updated while the scan is running and user is blocked from the network for the whole duration of the scan. This is giving us a terrible head ache.

Comments

  • Vad
    Vad W/ Alumni Posts: 1,069 Cybercrime Crusader

    Hello hyvokar,

     

    1) Could it be so, that Policy Manager, which manages the problematic client, experience problems with downloading latest updates from F-Secure update server, and has 32 days old updates in use. This could explain the client messages. When you check for updates, the client connect to PM and find out that it has the same set of updates as PM. So, from this perspective, the client updates are up to date.

     

    2) Scheduled scan can lead to performance impact, and taking in use new virus definitions can be postponed, until the scan is completed. It doesn't block network in any way.  We recommend to use background priority and/or do not run scheduled scan during working hours.

    Network can be blocked by Network Quarantine feature, if it's turned on and tuned to use Maximum Age of Virus Definitions health requirement.

     

    Best regards,

    Vad

  • hyvokar
    hyvokar W/ Alumni Posts: 165 Junior Protector

    1) No. The users who has been on a vacation has this problem (out of office for ~month). The definitions on PM and workstations that has been running are current.

    2) It does block the network connection, since clients are not able to update their past-due definitions and network quarantine kicks in.

  • Vad
    Vad W/ Alumni Posts: 1,069 Cybercrime Crusader

    1) I see. We will need to look closer to this scenario. Probably this conflicting messages are shown during the short period, in which the updates are already downloaded from PM, but not yet taken in use by the engine. Launching a scheduled scan right after booting up was not taken into account. It can lead to increasing this period significantly.

     

    2) We made improvements in the Network Quarantine in version 13.11, to handle the scenario "User comes from vacation" better. But again seems it doesn't cover the case if Scheduled scan is starting immediately after starting the machine.

     

    Best regards,

    Vad

     

  • hyvokar
    hyvokar W/ Alumni Posts: 165 Junior Protector

    Would love an option in PMC scheduled scan settings "force update virus definiotions before scan" or "do not launch the scan, if the virus definitions are over xx days old".

This discussion has been closed.