URL addresses for F-Secure update services
This article applies to the products of the following F-Secure solutions: Protection Service for Business, Business Suite and Rapid Detection & Response.
The global F-Secure content delivery network used by F-Secure uses dynamic addressing and traffic routing. The content delivery network operates on both HTTP and HTTPS protocols. In order to provide a faster response and download time, F-Secure also uses third-party content delivery networks as well as external cloud-based services such as Amazon's cloud.
For customers wishing to control their outbound network traffic, F-Secure recommends the use of a web proxy server and setting up the access control policies using the following hostnames:
Note: Some firewalls do not allow you to specify wildcards for exclusions. If you are faced with this issue, please contact your firewall vendor for a fix.
Software Updater downloads
F-Secure Software Updater downloads the database of updates from the global F-Secure content delivery network. This database is used to find outdated and vulnerable software. But if you want to install updates automatically, Software Updater needs to download the updates from different URL addresses for each application. We cannot provide a list of the allowed URLs for all possible applications. Also, you need to monitor and add all needed exclusions yourself.
Rapid Detection & Response Service (RDS) and Rapid Detection & Response (RDR)
To guarantee proper transmission between the endpoints and backend, the endpoints need to be able to communicate over HTTP and HTTPS, port 443, with various sub-domains owned by F-Secure (*.f-secure.com and *.fsapi.com). You should also allow connections to the digicert.com domain, as Windows API may need to verify F-Secure services that are signed with a certificate that is issued by Digicert.