Find clear, step-by-step solutions to common WithSecure issues across installation, configuration, updates, and product performance.
Issue: How to remotely change the subscription key of the Elements Endpoint Agent (EPP for Computers and EPP for Servers) via the Endpoint Protection Portal?Resolution: Follow these steps to remotely change a subscription key of a device using the Endpoint Protection Portal: * Log into the Endpoint Security Center Portal:…
Issue: Lorsqu'un produit de terminal WithSecure est installé sur un ordinateur ou un serveur, l'utilisation du processeur ou de la mémoire (RAM) est élevée et les applications rencontrent des problèmes de performances. La connectivité de certaines applications peut également être lente ou complètement bloquée. Le problème…
Issue: I would like to register my Policy Manager Server which is not connected to a network (offline), how do I proceed?Resolution: * Contact WithSecure support by opening a support request here. * Provide the following information for WithSecure technical support to create an offline registration file: * Account Name *…
Issue: Une erreur du type « Votre connexion au portail des partenaires WithSecure™ a échoué. Veuillez essayer d'utiliser un autre navigateur ou vous pouvez ouvrir un ticket d'assistance à l'adresse : https://www.withsecure.com/en/support » s'affiche lorsque vous vous connectez au portail des partenaires. Resolution: Ce…
Issue: Customer or reseller partner would like to cancel an existing Evergreen (SaaS) WithSecure Elements subscription. How to cancel it? Resolution: If you have the product through a reseller partner, you need to contact them and they can request a termination of an existing Evergreen / SaaS subscription. If you are a…
Issue: How to create or generate a WSDIAG diagnostics file on a Windows computer? Resolution: Follow the steps below to generate a WSDIAG report. Click on the Windows Start button In the list of apps, click on WithSecure Click on WithSecure Support tools Click Run diagnostics Once completed, it generates a file called…
Issue: How to change, transfer or migrate two-factor authentication (2FA) / Multi-factor authenticator (MFA) to a new authenticator device? Resolution: If you still have access to the old authenticator, you can move the authenticator to a new device by logging in with the existing authenticator to the Elements portal.* Log…
Issue: EDR Sensor Disabled is shown in Elements Security Center even after uninstall/re-installation.Resolution: Giving following permission to registry in administration right. Registry HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\SystemCertificates\CA Permission “Local Service” and “Network Service” This is most probably…
WithSecure™ Elements Endpoint Detection and Response (EDR) provides advanced capabilities to detect, investigate, contain, and remediate threats in real time. The platform combines automated detection with flexible response actions to help organizations act swiftly and decisively during cyber incidents. Core Response…
Issue: WithSecure Elements, Endpoint Detection and Response (EDR) détecte une application sûre (par exemple, une application interne). Comment autoriser la détection? Resolution: Vous pouvez fermer la détection de contexte large (BCD) en la définissant sur « Comportement accepté » afin de créer une règle de suppression…
Issue: Why number of "Non-user mailbox" protected by Elements Collaboration Protection exceeds the purchased license size? Resolution: Non-user mailboxes will not be counted directly to the license size, like 1 license: 1 mailbox. Instead, it will be be counted with a ratio of 1:2. For example if you have an Elements…
Issue: Collaboration Protection sent URL detection from an mail received over 2 month ago. Why the delay has occurred?Resolution: If the detection found except neither Inbox nor Sent, it might cause when the mail was moved directory. The suspicious emails are automatically scanned depending on the action defined in the…
Issue: Why is spam / bulk / advertising / phishing email getting through even if Elements Collaboration Protection is in use? Shouldn't spam email be filtered by the spam filter? Resolution: Elements Collaboration Protection does not include a spam filter. Microsoft Office 365 has its own anti-spam policies, of which you…
Issue: Error when updating Azure Entra ID Identity script; "ERROR during Azure deployment: Cannot validate argument on parameter 'Tenant'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again. Collecting information on failed deployments..." Resolution: Do make sure…
Issue / Symptoms: Error: "The management group cannot be found" when deploying Elements Identity Security for Entra ID with the /deploy.ps1 command. Additional errors: "The deployment validation failed. Deployment WSecCD-azure_entra_id terminates with the unexpected state." Resolution: If you get this error, we recommend…
Issue: When going to the Environment > Devices page in the Elements Security Center portal and clicking a device to see the device details, the Findings tab for Exposure Management findings is missing for a device. Resolution: Make sure that Vulnerability Management Scanning has been enabled for the device and that the…
Issue: Some scheduled system scan (network scans) end up with "Terminated" status.Resolution: We recommend to look into the scan log, which can be viewed by:* Log in to the Elements Vulnerability Management portal * Go to the Security Configuration > Scans > Network scans page * Open the scan group which is having issues…
Issue: I would like to use third-party application with Elements Vulnerability Management portal using the API, but how do I start?Resolution: The quick introduction and best practice guide to the Elements Vulnerability Management API are available here. You can find the full reference manual for Elements Vulnerability…
Issue: How can I check if specific vulnerability or CVE is covered in Elements Exposure Management (formerly known as Vulnerability Management)?Resolution: Option 1: You can view if Elements Exposure Management has coverage for a specific vulnerability directly from the Elements portal: * Login to Elements Elements…
Issue: How does WithSecure Elements Vulnerability Management count scanned unique IP addresses (license usage)?Resolution: Elements Vulnerability Management calculates a total number of unique IPs scanned for vulnerabilities in each and every Elements Vulnerability Management organization. In general:* Only vulnerability…
Issue: The hive.db file under C:\Windows\System32\config\systemprofile\AppData\Roaming\f-secure\HiveRoot -folder is growing. Can it be deleted?Resolution: The hive.db file under C:\Windows\System32\config\systemprofile\AppData\Roaming\f-secure\HiveRoot is the cache of our scanning engine for clean files. The file can be…
Issue: This article is applicable for the following products: Server Security 12.x, Email and Server Security 12.x, PSB Server Security 12, PSB Email and Server Security. How to uninstall F-Secure Server products on Windows server using Uninstallation Tool?Resolution: Although F-Secure Uninstallation Tool is not supported…
Issue: How to order evaluation (trial) license for a new customer in the WithSecure Partner PortalResolution: Follow these steps to create an evaluation order for a new customer account in the WithSecure Partner Portal. 1. Log in to your Partner Portal account 2. Click Ordering and select Yearly 3. Click New Order 4. In…
Issue: * .XLS and .XLA attachments are blocked by F-Secure filter * The following attachment has been stripped: Source: user1@example.com Destination: support@domain.com File name: 41125001012.xls File size: 192000 bytes Scan result: Attachment '41125001012.xls' matches 'AttachmentFiltering::Included' stripping condition;…
Issue: Linux Security 64 servers display real-time scanning status as "Disabled" in Policy Manager console status page. Policy for these servers is set to real time scanning as "on" and users are not allowed to change this setting. Why does the status show real-time scanning as disabled even if it should be…
Issue: WithSecure Linux Security 64 is not connecting to the Policy Manager Server and it is not visible in the "Import new hosts" tab in Policy Manager Console.Resolution: Check the "/var/opt/f-secure/fspms/logs/request.log" file of Policy Manager server whether there is any request from that Linux client by searching for…
Issue: How to upgrade Cloud Protection for Salesforce? Is there any roll-back option available after upgrade to latest version so that incase if there is any issue with the new version then we can rollback to old version. Resolution: The latest version of the Cloud Protection for Salesforce solution is always available in…
Issue: When URL Protection is enabled, links in email sent internally and externally has its URL syntax replaced which may break certain links. How to allow those URLs without disabling URL Protection in Cloud Protection for Salesforce?Resolution: Follow these steps to exclude a URL:* Login to Cloud Protection and go to…
Issue: WithSecure utilise Future Method pour exécuter des analyses et des conflits avec des scripts personnalisés qui utilisent également Future Method. Des suggestions sur la façon de résoudre ce problème ? Resolution: Par défaut, Cloud Protection for SalesForce utilise des tâches pouvant être mises en file d'attente pour…
Issue: Recipients receive spam messages, why did Messaging Security Gateway (MSG) not block these spam messages? Resolution: If recipients receive spam messages, it could be because of the following potential root causes: 1. Low spam score (False Negative) Check spam scores from message headers. Look for "X-Proofpoint"…