Issue:
- When the Web traffic scanning feature is enabled, some applications are unable to connect to an internal server and some URLs are inaccessible or some applications have connectivity or performance issues
- Java-based applications unable to connect to an internal server or there are connectivity issues.
Resolution:
If the Web Traffic Scanning is causing issues for an application that connects to an internal server, you can add the server address as trusted. This will exclude the network traffic from Web Traffic Scanning.
How to add the server address as trusted differs between Client Security and Server Security versions:
For Client Security 13.x:
- Log in to Policy Manager Console
- Select the host or domain from the Domain Tree
- Go to the Settings tab and select Advanced view
- Navigate to F-Secure Anti-Virus -> Settings -> Settings for Web Traffic Scanning -> Trusted Servers
- Click Add and enter the server address
- Distribute the policy (Ctrl+D)
With Client Security 13.x clients the address needs to have the /* wildcard added after the server address, for example:
For Client Security / Server Security 14.x and 15.x:
- Log in to Policy Manager Console
- Select the host or domain from the Domain Tree
- Go to the Settings tab and select Standard view
- Go to the Web content control page
- Click Add on the right side of the Trusted sites list
- Enter the server address in the Address column
- Distribute the policy (Ctrl+D)
With Client Security / Server Security 14.x and 15.x clients no wildcard is needed in the address, for example:
If the steps above did not solve your problem, disable Botnet Blocker to see if it is the cause for the issue.
How to disable Botnet blocker:
- Log in to Policy Manager Console
- Select the host or domain from the Domain Tree
- Go to the Settings tab and select Standard view
- Navigate to Web traffic scanning and select Botnet Blocker
- Set the DNS query filtering to Allow all queries
- Distribute the policy (Ctrl+D)
If disabling disabling the Botnet blocker did not solve the issue, disable DeepGuard temporarily and then try to reproduce the issue. How to disable DeepGuard:
- Open the Client Security local user interface
- Go to the Malware Protection tab
- Click Edit settings from the left side of the user interface to enable administrator rights
- Disable DeepGuard using the on / off switch
If the issue is resolved by disabling DeepGuard, you can create a DeepGuard exclusion in the policy:
- Log in to the Policy Manager Console
- Select a host or policy domain from the Domain Tree
- Go to the Settings tab
- Go to the Real-time scanning settings page
- Scroll down to the Files and applications excluded from scanning table and enable Do not scan the following files and applications
- Click Add on the right side of the table
- Add the application path and click OK
- Distribute the policy (Ctrl + D)
It is also good to make sure ORSP Service (Security Cloud) is enabled. You may find more information about the Security Cloud here
How to enable ORSP via Policy Manager console:
- Log in to Policy Manager Console
- Select the host or domain from the Domain Tree
- Go to the Settings tab (Advanced view)
- Navigate to F-Secure Security Cloud Client > Settings
- Enable Allow deeper analysis and Client is enabled
- Distribute the policy (Ctrl+D)
You can ping the ORSP Service on your local client and see if its reachable: orsp.f-secure.com
From Web Browser
- Open
http://orsp.f-secure.com/getc and browser must be able to download the certificate file from the URL. If it is reporting an error or the browser hangs for several minutes, then there is a problem.
Connectivity to DOORMAN service:
You might have to check your firewall settings and allow *.f-secure.com and *.fsapi.com. More about URL addresses for F-Secure update services can be found here.
Article no: 000004728