Import Policy file F-Secure 14

MrMayonnaise
MrMayonnaise W/ Alumni Posts: 2 Security Scout

I have exported a policy file for a new host in Policy Manager. The client computer cannot connect to any network, for security reasons. I created the host manually in PM.

So i have moved the policy file to the client computer, but i cant find a way to import it. In FS 12 it was easy(Tasks > Central Management > import).

How do I do it in FS 14?

Comments

  • Vad
    Vad W/ Alumni Posts: 1,069 Cybercrime Crusader

    Hello MrMayonnaise,

     

    Import of policies in CS 14 format (Cosmos) is not yet supported in current Policy Manager. We will add it in PM 14.10.

     

    Best regards,

    Vad

  • hduret
    hduret W/ Alumni Posts: 5 Security Scout

    Hello,

     

    I'm afraid that doesn't answer the question. The goal here is to import a policy (exported from a PM console) into an isolated client, and not into another PM.

     

    I experience the same problem with Linux Security 11.10. The client side web interface does not contain any "Import policy" fonction. I'm looking for the fsma command or binary which allow to import a bpf policy file into my isolated client.

     

    Best regards,

    Hadrien

  • Vad
    Vad W/ Alumni Posts: 1,069 Cybercrime Crusader

    Hello Hadrien,

     

    In 14 versions there is no FSMA and no bpf policy file. Policies are stored in c:\ProgramData\F-Secure\COSMOS\.

    As soon as import of Cosmos settings for 14 versions will be available in PM 14.10, you will have a possibility to replace this file(s), just will need to have enough security rights.

     

    Best regards,

    Vad

  • hduret
    hduret W/ Alumni Posts: 5 Security Scout

    Thank you for your quick reply !

     

    I forgot specifying that I work on Linux servers only.

    So, on my F-Secure PM Console 14.01 based on Linux, I can select a host in the Policy Domain tree, right-click and export its policy file in the btf format, as described in the documentation.

     

    Then, on a linux client which runs Linux Security 11.10, the fsma module usually gets its policy directly from the PM and stores it in /etc/opt/f-secure/fsma/policy/policy.btf.

     

    I just wonder how to update the policy of an isolated client. If I replace directly the /etc/opt/f-secure/fsma/policy/policy.btf file by one exported from the PM, and set the right uid in it, I have a Signature error.

     

    There must be a way to manually import such a policy file, or do we have to configure the local policy of each isloated client we have via their Web GUI ?

     

    Best regards,

    Hadrien

  • hduret
    hduret W/ Alumni Posts: 5 Security Scout
    (No btf files, I mean bpf)
  • hduret
    hduret W/ Alumni Posts: 5 Security Scout

    Thank you all for your support !

     

    But again, I'm not working on Windows hosts, but on Linux ones, so I can't build MSI custom installation to run on them... Do you know if there's an equivalent ? I didn't found how to  build install packages for Linux clients.

     

    The latest version of FS Linux Security is 11.x, I hope the feature will be implemented as planned for v14.10 windows ones :)

  • MrMayonnaise
    MrMayonnaise W/ Alumni Posts: 2 Security Scout

    Thanks for all the replys and sorry comming back to y'all so late.

     

    Creating an installation file with policy settings included solved my problem. Though I had to reinstall FS on many clients which was a hastle but it solved it. I hope exporting "cosmos files"(?) is implemented soon so hdurets problem is solved too.

     

    Thank you so much.

    MrM

  • MatthewTurner
    MatthewTurner W/ Alumni Posts: 2 Security Scout

    Thanks for information

This discussion has been closed.