Issue:
- Currently we are using WithSecure Client Security 13.xx and F-Secure Policy Manager 13.xx and before we upgrade to Version 14.00 we would like to know what happens to the current F-Secure Firewall configurations?
- We upgraded from Client Security 13.11 to 14.10 and Windows firewall profile changes, when F-Secure Firewall is enabled/disabled
- After upgrading to 14.02 and 14.02 Clients are having different issues, like: Internet is breaking, Internet Explorer and other application that run in Production are freezing
- F-Secure firewall is deactivated from Policy Manager, but there are still rules Windows firewall under outbound rules
Resolution:
F-Secure firewall is replaced with the Windows firewall engine. It is automatically turned on after installing Client Security 14.00, unless explicitly disabled in the policies.
You may find more information about the new firewall engine here:https://help.f-secure.com/product.html#business/releasenotes-business/latest/en/fscs_14_02-latest-en
Support for the new firewall engine
- Centralized configuration experience remains unchanged as much as possible. The main difference in the configuration logic is the introduction of profiles, which compared to Security levels do not use a policy inheritance model, but use a copy-on-modify approach instead. In addition to a set of firewall rules, the profiles contain a number of related settings.
- Network services list is now treated as a global dictionary, which is the same for all Policy Manager administrators.
- Internet Shield's Application control feature is no longer supported in Client Security 14.00 and is superseded by a new version of Application control. To better reflect the nature of the old Application Control, it is renamed to Network Access Control.
Why F-Secure dropped its own Firewall?
The main reason is the unification of clients based on "Oneclient" that doesn't have F-Secure firewall.
- Do we have to configure rules and services for Version 14.00? Yes
- Does this mean, we have to redo all our rules when we Upgrade to 14.00? Yes
- Does the automatic switching of the firewall profiles (Office/ Mobile) continue to work according to certain criteria? Yes
- Does the quarantine function work with the 14.00 version? Yes
- If the virus signature is outdated, the device will be quarantined and only the connection to the update server will still work and update after successful signatures, the firewall will be activated according to the profile? Yes, if quarantine is activated
- I still see F-Secure Services in "Allowed Applications and features" in Windows Firewall, though I have disabled F-Secure firewall. It remains there, because our plugin has been loaded once and it will be removed on uninstallation. It won't work in any case as you have deactivated the firewall.
How do I disable F-Secure firewall?
Note: In the next release, we will get back the previous behavior, where you can uncheck Firewall component during msi deployment from Policy Manager.
- In the current Client Security Version 14.xx, you can export msi with custom policy that has a disabled firewall. Windows Firewall won't be affected by F-Secure firewall plugin, it will stay at the same state as it was before our installation.
- F-Secure plugin allows managing of Windows firewall from Policy Manager. We add our default rules for our own services and administrator can add their custom rules from Policy Manager. If administrator does not want to use our firewall, then you can either disable it by regular means described in the above line or :
a. Use GPO to enable Windows firewall + disable our firewall from Policy Mnaager
b. Rename fs_manageable_win_firewall_32.dll in CS installation directory and restart the client. This way our plugin will be broken and won't be able to start.
Article no: 000008510