Issue:
After installing Elements Agent client with EDR subscription, the message "Device sensor is not operational" is shown in the local Elements Agent user interface.
Resolution:
You need to ensure that you have allowed the network traffic to the following addresses in your network firewall. The client sensor silently collects activity from the endpoint on which it is installed and then submits a representation of this data to a backend.
To guarantee proper transmission, the endpoints need to be able to communicate over HTTP and HTTPS, port 443 with the services listed here:
https://community.withsecure.com/en/kb/articles/31217-network-addresses-for-withsecure-elements-cloud-managed-products
You should also allow connections to the digicert.com domain, as the Windows API may need to verify WithSecure services that are signed with a certificate that is issued by Digicert.
In case you have an SSL interceptor to intercept the network traffic, we recommend creating whitelisting on the SSL interceptor for the EDR addresses. EDR and Countercept use the same certificate pinning approach that prevents connectivity when TLS interception solutions are used.
Services that need to be whitelisted in the interceptor are:
Article no: 000008767