@import "/themes/withsecure/design/coveo/CoveoFullSearch.min.css"; @import "/themes/withsecure/design/headerfooter.css"; header .container, .top-header {display:flex; width: 100%;padding: 0;flex-direction: row;justify-content: space-between;} a#searchboxtoggle[data-toggle="collapse"] #displaysearch:before {content: "\f220";font-family: fsg-icon;font-size: 26px;color: #red;font-style:normal} a#searchboxtoggle[data-toggle="expand"] #displaysearch:before {content: "\f130";font-family: fsg-icon;font-size: 26px;color: #fff;font-style:normal} .header-searchbox {position: absolute;margin: 0;z-index: 30;width: 0;overflow: hidden;right: 30px;height: 53px; transition: .6s ease-in-out;} @media screen and (max-width: 370px){ .header-searchbox.expand {width: 300px;} } @media screen and (min-width:371px) and (max-width: 700px){ .header-searchbox.expand {width: 450px;} } @media screen and (min-width:701px) and (max-width: 991px){ .header-searchbox.expand {width: 450px;} } @media screen and (max-width: 991px){ a.Header-logo svg {margin-top:8px} .header-coveosearch { margin:auto;width: 60px;position: absolute;right: 0;height: 64px;} .header-searchbox {width: 0;overflow:hidden} .header-searchcontainer {position:absolute;margin:auto;top: 0;width: 60px;height: 62px;text-align: center;} .header-searchcontainer {padding-top: 6px;} .header-searchbox {position: absolute;margin: 0;z-index: 30;width: 0;overflow: hidden;right: 60px;top:0;height: 63px;} .bottom-header.display {width:100%} .searchPage .Hamburger {right:9px!important;left:unset!important} .searchPage .Hamburger-border {right:0!important;} } @media screen and (min-width: 992px){ header .row:nth-child(1) {position:absolute; top:0;height:52px} .bottom-header {margin-top:60px} .header-top-links {margin-left:auto} .header-searchcontainer {float:unset; margin:unset} .header-coveosearch {margin-top:8px;margin-right:30px;width: 10px;} .header-searchbox {top: -9px;} .header-searchbox.expand {width: 500px; min-height:200px} .searchboxtoggle {margin-top:0} .searchboxtoggle:hover {cursor:pointer} .searchboxtoggle:hover #displaysearch:before, .header-searchcontainer.expand .searchboxtoggle:hover #displaysearch:before {color: #c6ceff} .helpforum-dropdown:hover, .supportarticles-dropdown:hover {cursor: default;} .helpforum-dropdown a:hover {cursor: pointer;} .helpforum-dropdown a, .supportarticles-dropdown p {width: fit-content} .header-top-link.active::after, .header-top-link:hover::after {top:-5px} .helpforum-dropdown.active::after, .supportarticles-dropdown.active::after, .dropdowns > li:hover::after {top:7px} } @media screen and (min-width: 992px) and (orientation:landscape) { .top-header {width:98%;} } .btn { min-width: 100px; } .btn-inverse { color: #fff; border-color: #fff; background-color: #00000000; border-width: 1px; } .btn { display: inline-block; margin-bottom: 0; font-weight: 600; text-align: center; vertical-align: middle; touch-action: manipulation; cursor: pointer; background-image: none; border: 1px #00000000; line-height: .71; border-radius: 4px; -webkit-user-select: none; -moz-user-select: none; -ms-user-select: none; user-select: none; font-size: 14px; padding: 14px 15px; min-width: 114px; text-decoration: none; } .btn-lg, .btn { -webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; } .btn { text-rendering: optimizeLegibility; -ms-font-feature-settings: "liga" 1,"kern" 1; font-feature-settings: "liga" 1,"kern" 1; font-variant-ligatures: normal; font-kerning: normal; } a { text-decoration: underline; } .cmp_footer { font-family: Archivo-Light; color: #bec3c8; font-size: 14px; font-weight: 300; line-height: 1.6em; letter-spacing: .03em; background-color: #001423; color: #fff; padding: 3em 0 2em 0; text-align: center; } @media (min-width: 992px) .cmp_footer__newsletter { grid-area: newsletter; margin-top: 2.5em; } .cmp_footer { font-family: Archivo; color: #bec3c8; font-size: 14px; font-weight: 300; line-height: 1.6em; letter-spacing: .03em; background-color: #001423; color: #fff; padding: 3em 0 2em 0; text-align: center; } .btn.btn-inverse.btn-outline { border: 1px solid #fff; }

Community

Support Articles Other WithSecure products

Countercept (MDR) client is not visible in the Countercept portal after installation

Issue:

WithSecure Managed Detection and Response (MDR) client has been installed to a server but the device is not shown / visible in the WithSecure Countercept portal.

Resolution:

The MDR client requires a network connection to operate properly. It silently collects activity from the endpoint on which it is installed and then submits a representation of this data to the WithSecure backend.

To guarantee proper transmission, the endpoints need to be able to communicate over HTTP and HTTPS with various subdomains owned by F-Secure:

*.f-secure.com (ports 80 and 443)
*.fsapi.com (port 443)

Also, the client's response functionality requires access to the following domains in Amazon Web Services:

ac3ujg1ortm4c-ats.iot.eu-west-1.amazonaws.com (port 443, Windows 7 and 2012: port 8883)
c3hquxgihnj763.credentials.iot.eu-west-1.amazonaws.com (port 443)
ew1-famp-prd-system-transfer.s3.eu-west-1.amazonaws.com (port 443)

You must also allow connections to the digicert.com domain as well, as the Windows API may need to verify WithSecure services that are signed with a certificate that is issued by Digicert. If you have allowed traffic for the above domains, please create fsdiag file from the client for further check, note that MDR does not allow TLS interception, configure your proxy to do not inspect the traffic.

If the issue persists, you may run our Connectivity Checker tool to determine what addresses are needed to be open in your firewall: https://download.sp.f-secure.com/connectivitytool/ConnectionChecker.exe

The issue could also be related to certificates. Do reinstall the certs and reboot the server for the changes to take effect.

If you are using proxy.f-secure.com, you need to allow two IP-addresses 46.228.136.166 and 46.338.136.158 + Port 8080 or 443 from the Firewall. It is recommended to use 8080 and traffic is still encrypted so TLS goes inside the port.

Lastly, ensure that these certificates in the host are valid:

USERTrust RSA Certification Authority	USERTrust RSA Certification Authority	2b8f1b57330dbba2d07a6c51f70ee90ddab9ad8e	https://crt.sh/?id=1199354
AAA Certificate Services	AAA Certificate Services	d1eb23a46d17d68fd92564c2f1f1601764d8e349	https://crt.sh/?id=331986
DigiCert Trusted Root G4	DigiCert Trusted Root G4	ddfb16cd4931c973a2037d3fc83a4d7d775d05e4	https://cacerts.digicert.com/DigiCertTrustedRootG4.crt

If connectivity and certificates are OK, make sure that you have the required Azure Code Signing (ACS) Windows updates installed on the server or workstation: Changes in support on Microsoft Windows – Minimum patch level. - WithSecure Community

Without Azure Code Signing support, the Ultralight Core update will fail to install which will lead to fsatpn.exe and fsatpl.exe processes not being able to start.

Article no: 000037473