-
Malware Security protection is not up to date
Hi, after installing the policy manager 15.30 on a windows server 2019 and installing the correct server msi agent on another server, this server tells me that the virus protection is ok, but the malware protection is out of date. The agent has connection to the F-secure server as well as to the F-Secure cloud. As well the…
-
Support for Ubuntu 22.04 LTS for WithSecure Elements EPP
This discussion was created from comments split from: Linux Security 64 Change Log.
-
V12 Client Security no longer receiving updated definitions
Hi, Our V12 Client Security installations are no longer receiving updated definitions. I guess they are fairly old now so perhaps I should expect this, but can anyone confirm if this should be happening?
-
Profile Issue
I need to setup a Profile so that if certain users are logged on then the restrictions are applied, currently I can only set this up by device.
-
Intune/MS endpoint manager compliancy rule for WithSecure Elements
Hi, Many of our security controls rely on Elements maintaining antivirus and certain other limitations on our devices. Therefore we need a way to monitor Elements is enabled on the devices. Frankly, there are better things to do than reconciling the device list manually, so we've created an automated compliance rule in…
-
Workstation client, allow firewall *.domain.com?
I try to allow *.domain.com in one of our firewall profiles, but WithSecure do not allow to use * mark Internet is blocked and only certain addresses are allowed. I can put domain.com or subdomain.domain.com, but I need to allow all subdomains (because I do not know all subdomains)...so *.domain.com How to do that?
-
Feedback: New device view
Hi! I would like to be able to filter the "select value" results, similarly how I can filter the customer from top left. Now if I try to filter multiple companies, I need to scrolls list of 500+ companies and select them. Excel has an excellent "search" for filtered values, which works even if you need to select multiple…
-
Installation using GPO fails
Hello everybody, I am new to F-secure Elements. I try to install it using a GPO with MSI packages. I have read and follow steps of f-secure admin guide. But when at the end of the creation of my GPO, i go to the "modifications/changes" tab and point to my mst file, i have an error message saying "eventid 101: Installation…
-
EDR Sensor for linux?
Hi, Is there a EDR sensor for linux? From what I have heard we could use a non PM connected F-Secure Linux Security 64 agent? Or are there any other way to get linux servers to send logs to EDR ? -- Kind Regards Falk
-
I'm getting dllhost.exe as a false-positive.
Hi, Recently DataGuard is alerting "DataGuard detected an untrusted application that modified monitored files. Application: C:\Windows\System32\dllhost.exe", dllhost.exe is a windows genuine application which should not be detected as untrusted. Is there a way to or how can I make dllhost.exe trusted so I don't get these…
-
Browser Protection blocks Gmail
Browser protection blocks gmail.com address on Edge and Google Chrome browsers. Some known issue or how to bypass it? Thanks!
-
Software Updater doesn't install or offer updates
Hello, Most software updates are not installed. WithSecure Software Updater is supposed to install various software updates, including cumulative updates of Windows 10. I have 50 windows clients. Automatic Windows updates are disabled on each computer. According to WithSecure Web interface, only 10 % of updates are…
-
MacOS environment: no actions for Adwares ?
Hi, Have received some notifications from my PMS about some Adwares detected on MacOS environment with no action done. This is the detail: Security alert: Spyware detected. No action done. Details: Spyware detected in /System/Volumes/Data/Users/XXXX/Library/Safari/Extensions/QuickBrowse.safariextz. Infection :…
-
SSO & Identity Federation SAML / OIDC
Is it possible to delegate the access to Elements Endpoint Protection Account (and E Vulnerability Management Portal) using ADFS/SAML/SAML2 or OIDC as it is proposed by most of Cloud Solutions today. It seems that TOTP is supported but this is limited to smartphone owners which is not the case of all collaborators within…
-
FSPM upgrading clients stuck 'in progress'.
Via FSPM v15.30 I have deployed an update of F-Secure client security to around 200 clients, but only 5 have succeeded, 199 have a status of 'in progress' and I am not sure why, I started this over a week ago so I expected more than 5 clients to have updated by now. In the meantime I have come across some clients which are…
-
Dropped by filter: Shielded Main Rule, Shielded Main Rule.
Hi, enabled a firewall for a client computer from withsecure elements, and now I cannot ping that machine. log says 22-06-27 14:36:54.633 [2f60.2154] I: Type: FWPM_NET_EVENT_TYPE_CLASSIFY_DROP. Dropped by filter: Shielded Main Rule, Shielded Main Rule. Dropped by layer: ALE-vastaanoton/-hyväksymisen v4-kerros. Direction:…
-
Profiles not saving if automated task is added
Hi. I am growing quite frustrated that we got our licenses for client and proceeded to set up profile(s) for clients. Everything in profiles does save but when we are adding even single automated task then profile will not save. Save and publish keeps rolling its dots and is grayed out. I did request support with ticket…
-
MacOS: Virus definition updates and product updates not supported in Premium ?
Hi, I have premium licenses for our clients but it seems like that "Virus definition updates" and "Product updates" are not supported for the v.15.03 Is that normal or maybe I did it wrong ? Thank you for your reply. Regards,
-
Error 1326
Hi, First time on this community, hope to find a help about one of several problems that I face with. My configuration is a PMS and PMSP installed on Linux and PMSC installed on Windows. Clients are on Windows, not in a AD environment. Problem: I push the exported .msi to a client and the error 1326 occurred. Do you know…
-
Configuring scheduled scanning
How can I set the scan on Sunday of the second week of each month? Is there a more detailed example description?
-
Feature Request: Exchange Security-Scan for specific URLs in incoming emails/masked domain problem
Dear F-Secure Team, we are using FSESS in our Exchange 2016 environment to scan incoming emails for Malware, Spam, harmful links and malicous attachments. After using FSESS for some months we found out that the handling with harmful hyperlinks in emails needs a improvement. 1) It would be nice if F-Secure could provide an…
-
Detection of CVE-2022-30190?
Hello! We've had a question from customers about whether EDR can detect exploitation of CVE-2022-30190. Is this possible? And just looking ahead to the next time we get asked, is there a way to check such things within the UI? Thanks very much! Tim
-
Interaction between EDR Agent and Defender?
Hello! Recently during our response to the Follina vulnerability I had a chat with our AD administrators. They told me that Defender refused to run a real-time scan when the EDR agent is running on the same host. I just wondered (1) if that's true, and (2) and if so, is there is a way around that? The reason I ask is that…
-
Email and Server Security - email storage scanning
We have two MS Exchange Servers 2019 CU11 (v15.2.986.5) where WithSecure Email and Server Security v15.10.3009 is installed. Each of the Exchange server has Hub and Edge role installed, both share common DAG. The DAG is active only on one of the Exchange servers. The other Exchange is in passive mode. Each of the Exchange…
-
Automate Discovery Scan in AWS with Fsecure Vulnerability Manager
Hi to all, I need to know if exists any way to automatically detect the public IP's of my AWS account. For example, in other Vulnerability Management softwares, there are "Cloud Connectors" thar scans the platform constantly to discover new assets. In this moment, I need to update it manually, and this is tedious. Thank you
-
Use browser protection to block recently registered domains
Hello, Is there the possibility, or will there be the possibilty, to add a setting to browser protection that blocks domains registered within ____ number of days or weeks? This would help to block sites being spun up for the purpose of delivering malware/ransomware. Hopefully.
-
Browsing extension not enabled in Edge
Installation is successful by using the GPO, but the browsing extension is disabled (and greyed) in the browser. Tried other extensions with no problem, only the F-secure browsing extension is impacted. The extension is working fine on Chrome and Firefox. Followed this tutorial:…
-
mac-os MDM profiles for config bugs
Hello, I follow instructions for create my 5 MDM profiles at this page on the website of help.f-secure but I have severals bugs list below : for Kernel Extensions, System Extension and Grant Full Disk Access : there is an error because the profiles are not System profiles but User profiles like :-( for Allow notifications…
-
FSPMC 15.30 Clients can't update (untrusted root ca)
2022-01-31 10:03:29.554 [0944.42a0] I: Checking for updates from https://F-secure.dist.local:443/guts2 2022-01-31 10:03:29.602 [0944.42a0] I: Update check failed, error=216 (untrusted root ca)
-
WithSecure Community User Guidelines
Welcome to WithSecure's Community platform! This space is for our members, customers, partners, and users to connect, collaborate, troubleshoot, and exchange insights. Please read and follow the Community Guidelines below to maintain a respectful and inclusive environment. WithSecure may modify these guidelines, and your…