Issue:
Endpoint Detection and Response (RDR) sensor in Business Suite Client Security or Server Security is unable to connect to the backend.
User interface shows "Sensor is not activated" status and the device is not visible in the EDR Portal.
Resolution:
WithSecure recommends to add the following scope to whitelisted domains:
- *.f-secure.com
- *.fsapi.com
- *.digicert.com
For a broader exclusion you would need to whitelist full addresses for the RDR endpoints as follows:
| Address | Port |
|---|
| doorman.sc.fsapi.com | 443 |
| baseguard.doorman.fsapi.com | 443 |
| api.disobus.fsapi.com | 443 |
| orsp.f-secure.com | 80 |
| cacerts.digicert.com | 80 |
The Security Cloud client needs to be enabled on the Policy Manager console to allow EDR sensors to submit data to F-Secure Cloud.
Steps to enable the Security Cloud client:
1. Open Policy Manager
2. Go to Settings
3. Check Real-Time Scanning under General section
4. Tick "Use Security Cloud" checkbox to enable Security Cloud feature
Note: If the host, on which the sensor is installed, requires a HTTP proxy server to access the internet, you can add the proxy address to the setting under:
Policy Manager Console > Settings > Centralized management > Internet connection
Article no: 000021319