Find clear, step-by-step solutions to common WithSecure issues across installation, configuration, updates, and product performance.
Issue: When an WithSecure endpoint product is installed on a computer or server, there is high CPU or memory (RAM) usage and applications are experiencing performance issues. The connectivity of some applications can also be slow or blocked completely. Issue affects all WithSecure clients: * Elements Endpoint Protection…
Issue: I would like to register my Policy Manager Server which is not connected to a network (offline), how do I proceed?Resolution: * Contact WithSecure support by opening a support request here. * Provide the following information for WithSecure technical support to create an offline registration file: * Account Name *…
Issue: パートナー ポータルにログインするときに、「 WithSecure™ パートナー ポータルへのログインに失敗しました。別のブラウザーを使用するか、https://www.withsecure.com/en/support でサポート チケットを開いてください」というエラーが表示されます。 Resolution: このエラー メッセージは通常、ユーザーが既存のWithSecureユーザー アカウントを持っているが、そのアカウントにパートナー ポータルへのアクセス権がない場合に表示されます。複数のユーザー アカウントがある場合は、たとえば、パートナー ポータルへのアクセス権のないアカウントで Elements…
Issue: * When trying to register a Policy Manager Server, we are getting this error: The registration cannot be validated. WithSecure Policy Manager Server could not connect to the WithSecure registration server (https://corp-reg.fsapi.com) Resolution: What should I do if registration fails, saying that my customer number…
Issue: How to create or generate a WSDIAG diagnostics file on a Windows computer? Resolution: Follow the steps below to generate a WSDIAG report. Click on the Windows Start button In the list of apps, click on WithSecure Click on WithSecure Support tools Click Run diagnostics Once completed, it generates a file called…
Issue: How to change, transfer or migrate two-factor authentication (2FA) / Multi-factor authenticator (MFA) to a new authenticator device? Resolution: If you still have access to the old authenticator, you can move the authenticator to a new device by logging in with the existing authenticator to the Elements portal.* Log…
Issue: How to configure Device control where all the USB devices are blocked unless white-listed by its hardware ID. Resolution: You can make rules of various USB Classes where you can set the access level to Block and than make a white-list rule to allow the devices by hardware ID. To know various Class please check this…
WithSecure™ Elements Endpoint Detection and Response (EDR) provides advanced capabilities to detect, investigate, contain, and remediate threats in real time. The platform combines automated detection with flexible response actions to help organizations act swiftly and decisively during cyber incidents. Core Response…
Issue: WithSecure Elements Endpoint Detection and Response(EDR)は、安全なアプリケーション(社内アプリケーションなど)を検出します。検出をホワイトリストに登録するにはどうすればよいでしょうか? Resolution: 広域コンテキスト検出(BCD)を「許容動作」として閉じることで、ユーザーまたはプロセスの行動を許容する抑制ルールを作成できます。これを行うには、以下の手順に従います。 * Elements セキュリティ センター (https://elements.withsecure.com) にログインします。 * 左ペインのイベントカテゴリを展開します *…
Issue: アンインストール/再インストール後も、Element Security Center に「EDR センサーが無効」と表示されます。 Resolution: 管理者権限でレジストリに以下の権限を与えます。 レジストリ HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\SystemCertificates\CA 許可 “Local Service” and “Network Service” これはおそらく、システム ロールバック ソフトウェアによって発生します。 2025 年 4 月に問題が発生した場合は、修正プログラムが利用可能になるまで、Elements Connector で早期アクセス…
Issue: Why number of "Non-user mailbox" protected by Elements Collaboration Protection exceeds the purchased license size? Resolution: Non-user mailboxes will not be counted directly to the license size, like 1 license: 1 mailbox. Instead, it will be be counted with a ratio of 1:2. For example if you have an Elements…
Issue: Collaboration Protection sent URL detection from an mail received over 2 month ago. Why the delay has occurred?Resolution: If the detection found except neither Inbox nor Sent, it might cause when the mail was moved directory. The suspicious emails are automatically scanned depending on the action defined in the…
Issue: Normally after releasing quarantined email, the email will be re-sent to the original recipient. If quarantined file or URL in Exchange needs to be investigated, admin needs to release the email first and ask the recipient to forward the email to admin after the email is released. It's a bit risky for normal user…
Issue: Error when updating Azure Entra ID Identity script; "ERROR during Azure deployment: Cannot validate argument on parameter 'Tenant'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again. Collecting information on failed deployments..." Resolution: Do make sure…
Issue / Symptoms: Error: "The management group cannot be found" when deploying Elements Identity Security for Entra ID with the /deploy.ps1 command. Additional errors: "The deployment validation failed. Deployment WSecCD-azure_entra_id terminates with the unexpected state." Resolution: If you get this error, we recommend…
Issue: Some scheduled system scan (network scans) end up with "Terminated" status.Resolution: We recommend to look into the scan log, which can be viewed by:* Log in to the Elements Vulnerability Management portal * Go to the Security Configuration > Scans > Network scans page * Open the scan group which is having issues…
Issue: I would like to use third-party application with Elements Vulnerability Management portal using the API, but how do I start?Resolution: The quick introduction and best practice guide to the Elements Vulnerability Management API are available here. You can find the full reference manual for Elements Vulnerability…
Issue: How to create WithSecure Elements Vulnerability Management API keys for authenticationResolution: An API key consists of an access key (for example, PA3IAKNANLM9) and a secret key (for example, UO9mkDEHFGa1Vau6o#1AfxwRmBQW@!qV). Note that the sample requests in this documentation show access and secret keys enclosed…
Issue: How can I check if specific vulnerability or CVE is covered in Elements Exposure Management (formerly known as Vulnerability Management)?Resolution: Option 1: You can view if Elements Exposure Management has coverage for a specific vulnerability directly from the Elements portal: * Login to Elements Elements…
Issue: How does WithSecure Elements Vulnerability Management count scanned unique IP addresses (license usage)?Resolution: Elements Vulnerability Management calculates a total number of unique IPs scanned for vulnerabilities in each and every Elements Vulnerability Management organization. In general:* Only vulnerability…
Issue: The hive.db file under C:\Windows\System32\config\systemprofile\AppData\Roaming\f-secure\HiveRoot -folder is growing. Can it be deleted?Resolution: The hive.db file under C:\Windows\System32\config\systemprofile\AppData\Roaming\f-secure\HiveRoot is the cache of our scanning engine for clean files. The file can be…
Issue: How to order evaluation (trial) license for a new customer in the WithSecure Partner PortalResolution: Follow these steps to create an evaluation order for a new customer account in the WithSecure Partner Portal. 1. Log in to your Partner Portal account 2. Click Ordering and select Yearly 3. Click New Order 4. In…
Issue: How can a reseller partner decrease or increase the amount of licenses for an existing Evergreen (SaaS) subscription? Resolution: It is possible to decrease or increase the amount of licenses for an existing SaaS subscription in Partner Portal by following the steps below. New Partner Portal: * Open the Sales tab…
Issue: Offline computers in an isolated environment running Business Suite Client Security 16.01 and Server Security 16.01 are not able to be updated because when applying the zip-file using fsaua-update_32.exe, the following error message is displayed: "ERROR: Update archive file is broken" Resolution: This is a known…
Issue: * .XLS and .XLA attachments are blocked by F-Secure filter * The following attachment has been stripped: Source: user1@example.com Destination: support@domain.com File name: 41125001012.xls File size: 192000 bytes Scan result: Attachment '41125001012.xls' matches 'AttachmentFiltering::Included' stripping condition;…
Issue: Linux Security 64 servers display real-time scanning status as "Disabled" in Policy Manager console status page. Policy for these servers is set to real time scanning as "on" and users are not allowed to change this setting. Why does the status show real-time scanning as disabled even if it should be…
Issue: How to upgrade Cloud Protection for Salesforce? Is there any roll-back option available after upgrade to latest version so that incase if there is any issue with the new version then we can rollback to old version. Resolution: The latest version of the Cloud Protection for Salesforce solution is always available in…
Issue: When URL Protection is enabled, links in email sent internally and externally has its URL syntax replaced which may break certain links. How to allow those URLs without disabling URL Protection in Cloud Protection for Salesforce?Resolution: Follow these steps to exclude a URL:* Login to Cloud Protection and go to…
Issue: WithSecure はFuture Method を使用してスキャンを実行していますが、これも Future Method を使用するカスタム スクリプトと衝突しています。この問題を解決する方法について何か提案はありますか? Resolution: デフォルトでは、Cloud Protection for SalesForce は、メール添付スキャンを呼び出すためにキュー可能ジョブを使用します。ただし、Future メソッドが呼び出された場合は、キュー可能ジョブの制限に達したことを意味し、 WithSecure App は代わりに Future メソッドを使用するように切り替えます。Future…
Issue: Why Am I Getting Error 503 When Attempting to Access Elements EDR? Resolution: If you're encountering a 503 error while trying to access EDR, it may be due to recent changes in the system. Here’s an explanation of what’s happening and how to resolve the issue. Recent Changes: A few weeks ago, the legacy view in EDR…