First, a public/private key pair has to be created and subsequently installed in the F-Secure Elements Security Center and the scan node. The keys are used to establish an encrypted communication channel between the F-Secure Elements Security Center and the scan node in question. Note: The steps given here are for creating the encryption keys on […]
Category: F-Secure
F-Secure Business(1304)
F-Secure Endpoint(43)
F-Secure Home(1301)
Preparation steps (F-Secure)
F-Secure Elements Vulnerability Management ensures that the credentials needed to perform authenticated scans are stored in a safe manner. Once credentials are sent to F-Secure Elements Vulnerability Management, they are encrypted with a public key and can only can be decrypted directly on the scan node with a counterpart private key. This section describes how […]
Configure the F-Secure Elements Security Center
Log in to the F-Secure Elements Security Center. Go to Templates and open the Network scan templates tab. Click Add network scan template or click the menu icon in the Actions column and select Edit to edit an existing template. Select Windows credentials from the Authentication method drop-down menu. Specify which credentials should be used: Use the scan node’s service account Specify credentials explicitly Choose which sources the WUA […]
Adding a scan node to the domain (F-Secure)
The scan node must be a part of your domain and the Radar_account must be set as a local administrator on the scan node. To do this, enable the following settings: Open Administrative Tools > Group Policy Management and select your domain. Right-click and select Create a GPO in this domain, and link it here. Enter a name, for example Scannode-Admin, and click OK. […]
Grant read access to registry keys (F-Secure)
Go to Computer Configuration > Policies > Windows Settings > Security Settings > Registry. Right-click and select Add. Select MACHINE\System\CurrentControlSet\Control\SecurePipeServers\winreg. Add read permission for the previously selected (domain or local) user account used to authenticate to Windows systems. Click OK and select Propagate inheritable permissions to all sub keys. Click OK. Source : Official F-Secure Brand Editor by : BEST Antivirus KBS Team
Enable Remote Registry service (F-Secure)
Go to Computer Configuration > Policies > Windows Settings > Security Settings > System Services. Double-click the Remote Registry service. Select Define this policy settings and Automatic and click OK. Source : Official F-Secure Brand Editor by : BEST Antivirus KBS Team
Add rule to allow traffic to SMB/CIFS and RPC (F-Secure)
To add a firewall rule to allow TCP/445 (SMB/CIFS) and TCP/135 (RPC): Go to Computer Configuration > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security > Windows Firewall with Advanced Security – LDAP > Inbound Rules. Right-click and choose New Rule. Choose Port and click Next. Choose TCP and at specific local ports enter 135, 445, then click Next. Select Allow the connection and click Next. Choose Domain (or other, depending on your knowledge), then click Next. […]
Add rule to allow traffic to the RPC Dynamic Ports (F-Secure)
Go to Computer Configuration > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security > Windows Firewall with Advanced Security – LDAP > Inbound Rules. Right-click and choose New Rule. Choose Custom and click Next. Choose All programs and click Next. Select TCP as the Protocol type. Select RPC Dynamic Ports as the Local Port and click Next. Specify the IP address of the scan node on the remote IP addresses list or choose Any IP address and then click Next. Select Allow […]
Add rule to allow traffic to the RPC Endpoint Mapper (F-Secure)
Go to Computer Configuration > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security > Windows Firewall with Advanced Security – LDAP > Inbound Rules. Right-click and choose New Rule. Choose Custom and click Next. Choose This Program Path and enter %systemroot%\system32\svchost.exe. Choose Customize. Choose Apply to this service, then select Remote Procedure Call (RPC) with the short name RpcSs and click OK. Click Next and accept the pop-up warning. Select TCP as the Protocol type. Select RPC Endpoint Mapper as the Local Port and click Next. Specify […]
Create a new Group Policy object (F-Secure)
Go to Start > Administrative Tools > Group Policy Management. Right-click Domains and select Create a GPO in this domain, and link it here. Enter Elements Vulnerability Management as the required name and click OK. Right-click the created GPO (Elements Vulnerability Management) and select Edit. You can now edit this GPO in the Group Policy Management Editor, where you should perform the next steps. Remember to add […]