Find clear, step-by-step solutions to common WithSecure issues across installation, configuration, updates, and product performance.
Issue: How to remotely change the subscription key of the Elements Endpoint Agent (EPP for Computers and EPP for Servers) via the Endpoint Protection Portal?Resolution: Follow these steps to remotely change a subscription key of a device using the Endpoint Protection Portal: * Log into the Endpoint Security Center Portal:…
Issue: När en WithSecure slutpunkt är installerad på en dator eller server är det hög CPU- eller minnesanvändning (RAM) och applikationer har prestandaproblem. Anslutningen för vissa applikationer kan också vara långsam eller blockeras helt. Problemet påverkar alla WithSecure -klienter: * Elements Endpoint Protection EPP…
Issue: I would like to register my Policy Manager Server which is not connected to a network (offline), how do I proceed?Resolution: * Contact WithSecure support by opening a support request here. * Provide the following information for WithSecure technical support to create an offline registration file: * Account Name *…
Issue: Får felmeddelandet "Din inloggning till WithSecure™ Partner Portal misslyckades. Försök att använda en annan webbläsare, eller så kan du öppna ett supportärende på: https://www.withsecure.com/en/support" när du loggar in på Partner Portal. Resolution: Det här felmeddelandet visas vanligtvis när användaren har ett…
Issue: Customer or reseller partner would like to cancel an existing Evergreen (SaaS) WithSecure Elements subscription. How to cancel it? Resolution: If you have the product through a reseller partner, you need to contact them and they can request a termination of an existing Evergreen / SaaS subscription. If you are a…
Issue: How to create or generate a WSDIAG diagnostics file on a Windows computer? Resolution: Follow the steps below to generate a WSDIAG report. Click on the Windows Start button In the list of apps, click on WithSecure Click on WithSecure Support tools Click Run diagnostics Once completed, it generates a file called…
Issue: How to change, transfer or migrate two-factor authentication (2FA) / Multi-factor authenticator (MFA) to a new authenticator device? Resolution: If you still have access to the old authenticator, you can move the authenticator to a new device by logging in with the existing authenticator to the Elements portal.* Log…
Issue: EDR Sensor Disabled is shown in Elements Security Center even after uninstall/re-installation.Resolution: Giving following permission to registry in administration right. Registry HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\SystemCertificates\CA Permission “Local Service” and “Network Service” This is most probably…
WithSecure™ Elements Endpoint Detection and Response (EDR) provides advanced capabilities to detect, investigate, contain, and remediate threats in real time. The platform combines automated detection with flexible response actions to help organizations act swiftly and decisively during cyber incidents. Core Response…
Issue: Hur testar man om EDR-sensorer på Windows, Mac och Linux fungerar och rapporterar upptäckter till Elements Endpoint Detection and Response-portalen? Resolution: För Windows-sensorer finns det några tester som beskrivs i produkten Enkelt test med Windows-systemverktyg | Elements Endpoint Detection and Response |…
Issue: Why number of "Non-user mailbox" protected by Elements Collaboration Protection exceeds the purchased license size? Resolution: Non-user mailboxes will not be counted directly to the license size, like 1 license: 1 mailbox. Instead, it will be be counted with a ratio of 1:2. For example if you have an Elements…
Issue: Collaboration Protection sent URL detection from an mail received over 2 month ago. Why the delay has occurred?Resolution: If the detection found except neither Inbox nor Sent, it might cause when the mail was moved directory. The suspicious emails are automatically scanned depending on the action defined in the…
Issue: Why is spam / bulk / advertising / phishing email getting through even if Elements Collaboration Protection is in use? Shouldn't spam email be filtered by the spam filter? Resolution: Elements Collaboration Protection does not include a spam filter. Microsoft Office 365 has its own anti-spam policies, of which you…
Issue: Error when updating Azure Entra ID Identity script; "ERROR during Azure deployment: Cannot validate argument on parameter 'Tenant'. The argument is null or empty. Provide an argument that is not null or empty, and then try the command again. Collecting information on failed deployments..." Resolution: Do make sure…
Issue / Symptoms: Error: "The management group cannot be found" when deploying Elements Identity Security for Entra ID with the /deploy.ps1 command. Additional errors: "The deployment validation failed. Deployment WSecCD-azure_entra_id terminates with the unexpected state." Resolution: If you get this error, we recommend…
Issue: Some scheduled system scan (network scans) end up with "Terminated" status.Resolution: We recommend to look into the scan log, which can be viewed by:* Log in to the Elements Vulnerability Management portal * Go to the Security Configuration > Scans > Network scans page * Open the scan group which is having issues…
Issue: I would like to use third-party application with Elements Vulnerability Management portal using the API, but how do I start?Resolution: The quick introduction and best practice guide to the Elements Vulnerability Management API are available here. You can find the full reference manual for Elements Vulnerability…
Issue: How can I check if specific vulnerability or CVE is covered in Elements Exposure Management (formerly known as Vulnerability Management)?Resolution: Option 1: You can view if Elements Exposure Management has coverage for a specific vulnerability directly from the Elements portal: * Login to Elements Elements…
Issue: How does WithSecure Elements Vulnerability Management count scanned unique IP addresses (license usage)?Resolution: Elements Vulnerability Management calculates a total number of unique IPs scanned for vulnerabilities in each and every Elements Vulnerability Management organization. In general:* Only vulnerability…
Issue: Elements Exposure Management vulnerability scans on Linux contain false positive detection for backported software. Any recommendation for scanning backported software? Resolution: For any host with backported software. we would suggest performing authenticated scan to get more accurate result. If the "Skip…
Issue: The hive.db file under C:\Windows\System32\config\systemprofile\AppData\Roaming\f-secure\HiveRoot -folder is growing. Can it be deleted?Resolution: The hive.db file under C:\Windows\System32\config\systemprofile\AppData\Roaming\f-secure\HiveRoot is the cache of our scanning engine for clean files. The file can be…
Issue: How to order evaluation (trial) license for a new customer in the WithSecure Partner PortalResolution: Follow these steps to create an evaluation order for a new customer account in the WithSecure Partner Portal. 1. Log in to your Partner Portal account 2. Click Ordering and select Yearly 3. Click New Order 4. In…
Issue: This article applies to the following WithSecure products:* WithSecure Elements Agent (EPP for Computer or EPP for Servers) * WithSecureBusiness Suite (Client Security or Server Security) How do I uninstall an WithSecure business product via a GPO uninstallation?Resolution: You can follow the steps below to…
Issue: * .XLS and .XLA attachments are blocked by F-Secure filter * The following attachment has been stripped: Source: user1@example.com Destination: support@domain.com File name: 41125001012.xls File size: 192000 bytes Scan result: Attachment '41125001012.xls' matches 'AttachmentFiltering::Included' stripping condition;…
Issue: Linux Security 64 servers display real-time scanning status as "Disabled" in Policy Manager console status page. Policy for these servers is set to real time scanning as "on" and users are not allowed to change this setting. Why does the status show real-time scanning as disabled even if it should be…
Issue: WithSecure Linux Security 64 is not connecting to the Policy Manager Server and it is not visible in the "Import new hosts" tab in Policy Manager Console.Resolution: Check the "/var/opt/f-secure/fspms/logs/request.log" file of Policy Manager server whether there is any request from that Linux client by searching for…
Issue: How to upgrade Cloud Protection for Salesforce? Is there any roll-back option available after upgrade to latest version so that incase if there is any issue with the new version then we can rollback to old version. Resolution: The latest version of the Cloud Protection for Salesforce solution is always available in…
Issue: When URL Protection is enabled, links in email sent internally and externally has its URL syntax replaced which may break certain links. How to allow those URLs without disabling URL Protection in Cloud Protection for Salesforce?Resolution: Follow these steps to exclude a URL:* Login to Cloud Protection and go to…
Issue: WithSecure använder Future Method för att köra skanningar och sammandrabbningar med anpassade skript som också använder Future Method. Några förslag på hur man löser detta? Resolution: Som standard använder Cloud Protection for SalesForce köbara jobb för att anropa genomsökning av e-postbilagor. Men om Future Method…
Issue: Why Am I Getting Error 503 When Attempting to Access Elements EDR? Resolution: If you're encountering a 503 error while trying to access EDR, it may be due to recent changes in the system. Here’s an explanation of what’s happening and how to resolve the issue. Recent Changes: A few weeks ago, the legacy view in EDR…