Issue:
How to create an exclusion for a certain software update with the F-Secure Software Updater feature in the Elements Endpoint Protection Portal for EPP for Computers or EPP for Servers devices? I do not want to have Software Updater installing updates automatically or have the user manually installing the update.
Resolution:
Prerequisite: You need to have a non-default profile before you can configure your software updater settings.
You can exclude specific software updates from automatic installation by following these steps:
- Log in to the Elements Endpoint Protection Portal
- Go to the Profiles page
- Select the profile you want to modify
- Go to Software updater settings tab
- Under Exclude software from automatic installation, click Add rule
- Select from the Rule drop-down menu one of the following:
- Update name contains
- Software name contains
- Vendor name contains
- Severity equals to
- Bulletin ID equals to
- Then depending on the rule you've chosen, enter the value to the remaining field. Examples:
- Update name contains: Google Chrome 89.0.4389.82 (Note: for Microsoft updates, do not include the version number. Use for example only the KB number)
- Software name contains: Google Chrome
- Vendor name contains: Google Inc.
- Severity equals to: Critical Security / Important Security
- Bulletin ID equals to: FSPM-41-64283-4
You can view the update details from the Software Updater page in the Endpoint Protection Portal.
Note:
- Only one software per exclusion is supported. If you need to add multiple software, click Add rule again.
- You can add several conditions in one rule, if you want to combine for example Software name contains and Severity equals to conditions, click Add condition in the rule column.
After the profile has been saved and published, the exclusion will be taken into use on the devices that have this profile assigned.
If you would like to hide the update completely from being detected as missing by Software Updater, you need to exclude it via the following setting in the Endpoint Protection Portal profile editor:
- Log in to the Endpoint Protection Portal
- Go to the Profiles page
- Select the profile you want to modify
- Go to Software updater settings tab
- Scroll down to the Exclude updates from scan results section
- Click Add rule
When the update is hidden with this rule, the update will not be listed at all in the Software Updates Missing updates tab in the Endpoint Protection portal. It will also not be visible locally on the device for the user.
Article no: 000006571