© 1993-2019 F-Secure Corporation. All rights reserved.
‘F-Secure’ and F-logo are registered trademarks of F-Secure Corporation. F-Secure product and technology names and F-Secure logos are either trademarks or registered trademarks of F-Secure Corporation. Other product names and logos referenced herein are trademarks or registered trademarks of their respective companies.
This product may be covered by one or more F-Secure patents, including the following: GB2353372, GB2366691, GB2366692, GB2366693, GB2367933, GB2368233, GB2374260
This document contains late-breaking information about F-Secure Email and Server Security 14.00 release. We strongly recommend that you read the entire document before installing the software.
F-Secure continuously improves documentation. Refer to the latest version of this document online at F-Secure website.
Important notice: This release of F-Secure Email and Server Security 14.00 Standard and Premium can be used with F-Secure Policy Manager (or managed with the local Web User Interface).
F-Secure Email and Server Security provides protection for your Microsoft Windows Server, Microsoft SharePoint Server, Microsoft Exchange Server, Microsoft Small Business Server, Citrix XenApp, and Windows Terminal servers. The solution can be licensed and deployed as F-Secure Email and Server Security (Standard) or F-Secure Email and Server Security Premium, on per-user or terminal connection basis.
This new F-Secure Email and Server Security solution release includes the following features:
- Virus & spyware protection – protects your computer against viruses, trojans, spyware, rootkits and other malware.
- DeepGuard™ – proactive, instant protection against unknown threats. It monitors application behavior and stops potentially harmful activities in real-time.
- DataGuard – monitors protected folders to prevent untrusted applications from modifying your files.
- Web traffic scanning – detects and blocks malicious content in web traffic (HTTP protocol) to provide additional protection against malware.
- Firewall – consists of Windows Firewall integration and centralized management.
- Application control – allows you to restrict virtually any application from starting.
- Browsing protection – protects your terminal users against web browser exploits and rogue web sites.
- Anti-Virus for Microsoft Exchange – protects incoming, outgoing, and internal mail traffic and Exchange public folders from malware and other security threats and provides content and attachment filtering.
- Spam Control – detects and filters spam messages from email traffic providing real-time protection against all types of spam, regardless of its content, format or language.
- Email Quarantine Manager – allows dedicated users to release, reprocess, and delete quarantined emails and attachments from the the email quarantine.
- Offload scanning agent for virtual environments – allows you to offload malware scanning to F-Secure Scanning and Reputation Server in Virtual and Cloud Environments.
- Software Updater – keeps your system and applications up to date by installing patches as they are released by vendors.
- Rapid Detection & Response – uses lightweight, discreet sensors that collect behavioral data from endpoint devices to identify a wide range of attacks.
- Anti-Virus for Microsoft SharePoint – provides real-time protection for Microsoft SharePoint servers, scanning uploaded and downloaded content for malware and other security threats.
The table below shows which features are enabled with different product licenses.
|Feature||F-Secure Email and Server Security||F-Secure Email and Server Security Premium|
|Virus & spyware protection||●||●|
|Web traffic scanning||●||●|
|Rapid Detection & Response||●||●|
|Offload Scanning Agent||●||●|
|Anti-Virus for Microsoft Exchange||●||●|
|Email Quarantine Manager||●||●|
|Anti-Virus for Microsoft SharePoint||●||●|
The solution is available in the following languages: English, Chinese Simplified, Chinese Traditional, French, German, Italian, Japanese, Korean, Polish, Spanish (Latin America), and Swedish.
- New features and improvements
- New technology stack
- Significantly revised the scanning architecture and communication between endpoint components and Policy Manager. This introduces the latest F-Secure technologies and unifies them across all F-Secure products.
- Installation time and the need for restarts are significantly decreased.
- New protocol for delivering updates (GUTS2). The new protocol decreases the probability of clients having to do a full download of updates, for example after a weekend offline.
- Rapid Detection & Response
- The Rapid Detection & Response sensor is included in both Standard and Premium editions of Email and Server Security 14.00.
- Updated user interface
- User experience refreshed and revised. The user interface is updated.
- Local configuration is performed from the local user interface dialogs.
- The product now includes the firewall feature, which is based on the Windows firewall engine. It is automatically turned on after installation, unless explicitly disabled in the policies.
- Centralized configuration experience is similar to the F-Secure Client Security workstation product. The only server-specific feature is a separate firewall profile selector, which is set to the ‘Server’ profile by default.
- Firewall profiles are only managed centrally and cannot be modified locally. If allowed, local users can configure the firewall using the Windows Firewall interface.
- Rules from the current Firewall profile created for the Windows Firewall are labeled with “F-Secure Firewall” as a group name.
- DataGuard protection
- DataGuard is a feature that strengthens DeepGuard by monitoring specific folders on your computer to prevent untrusted applications from modifying your files. DataGuard is especially useful against any new ransomware that is able to get past the product’s other security layers.
- DataGuard protection is available in Premium edition only.
- DataGuard blocks suspicious applications that are considered to behave as ransomware and may block attempts to modify data folders by untrusted applications. The related alerts are generated and sent to the Policy Manager.
- Application control
- Application control allows restricting virtually any application from starting, based on powerful rules defined by the administrator. See the Policy Manager documentation for details.
- New management experience
- New Web Console.
- Web Console is used for configuring Exchange and SharePoint settings. Anti-virus settings are managed via the local interface.
- Policy Manager standard view is now used to configure all ESS settings except centralized email quarantine.
- Changes in the installation procedure
- Web Console application is hosted by Microsoft Internet Information Service and automatically installed during product setup.
- MSSQL database is no longer bundled with Email and Server Security installation package and has to be installed as a prerequisite.
- Email and Server Security is now installed as MSI.
Note: This Email and Server Security version requires Policy Manager 14.30.
- New technology stack
- Known issues
- HTTP 2.0 has to be disabled for Chrome and Firefox browsers to work with Web Console.
- EMC CAVA is not supported by this version.
- Dropped features
- Filtering messages by keywords.
- Dropped support for Microsoft Exchange Server 2007 and 2010.
- Dropped support for Microsoft SharePoint 2010.
Before you install the product, we recommend that you review sections in this topic to ensure that your network, hardware, software, and other system components meet the requirements.
Note: The minimum hardware requirements may not be sufficient if you run multiple services on the same system.
- System requirements for F-Secure Email and Server Security installation
- To install F-Secure Email and Server Security, the following minimum hardware and system requirements are recommended.
- Any computer that meets the requirements for the supported operating system.
- 10 GB or more disk space is recommended.
- Internet connection is required to receive updates and to use cloud-based detection.
- Supported operating systems
- The product can be installed on a computer running one of the following operating systems:
- Microsoft Windows Server 2008 R2
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 Essentials
- Microsoft Windows Server 2012 R2
- Microsoft Windows Server 2012 R2 Essentials
- Microsoft Windows Server 2012 R2 Foundation
- Microsoft Windows Server 2016 Standard
- Microsoft Windows Server 2016 Essentials
- Microsoft Windows Server 2016 Datacenter
- Microsoft Windows Server 2016 Core
- Microsoft Windows Server 2019 Standard
- Microsoft Windows Server 2019 Essentials
- Microsoft Windows Server 2019 Datacenter
- Microsoft Windows Server 2019 Core
Note: Windows Server 2016 Nano is not supported.
All Microsoft Windows Server editions are supported except:
- Windows Server for Itanium processor
- Windows HPC editions for specific hardware
- Windows Storage editions
- Windows MultiPoint Server
- Windows Home Server
Note: All operating systems are required to have the latest Service Pack installed.
Note: For performance and security reasons, you can install the product only on an NTFS partition.
- Microsoft .Net 4.7.2 must be installed on the system.
- Supported Microsoft Exchange Servers
- F-Secure Email and Server Security can be installed on a computer running the following Microsoft Exchange Server versions:
- Microsoft Exchange Server 2013 w/o service pack, service pack 1 (CU23, CU22, CU21)
- Microsoft Exchange Server 2016 (CU15, CU14, CU13, CU12, CU11)
- Microsoft Exchange Server 2019 (CU3, CU2, CU1)
The cumulative updates (CU) that support .NET Framework 4.7.2 are indicated in parentheses. For more detailed information, see https://docs.microsoft.com/en-us/Exchange/plan-and-deploy/supportability-matrix?view=exchserver-2019#microsoft-net-framework.
Note: Microsoft Exchange Server 2013 SP1 requires a special fix, which allows third-party or custom-developed transport agents to be installed correctly. The fix and its installation instructions are available in Microsoft Knowledge Base article 2938053.
To use Email Quarantine Manager, you need Microsoft Internet Information Server up and running in your environment. This is available as part of Microsoft Exchange Server.
- Cluster environments
- F-Secure Email and Server Security can be installed on Microsoft Exchange Server clusters. The following cluster configurations are supported:
- Microsoft Exchange Server 2013 Database Availability Groups
- Microsoft Exchange Server 2016 Database Availability Groups
- Microsoft Exchange Server 2019 Database Availability Groups
- SQL Server requirements
- F-Secure Email and Server Security requires Microsoft SQL Server for the quarantine management. The following versions of Microsoft SQL Server are recommended:
- Microsoft SQL Server 2008 (Enterprise, Standard, Workgroup or Express Edition)
- Microsoft SQL Server 2008 R2 (Enterprise, Standard, Workgroup or Express Edition)
- Microsoft SQL Server 2012 (Enterprise, Business Intelligence, Standard, or Express Edition)
- Microsoft SQL Server 2014
- Microsoft SQL Server 2016
- Microsoft SQL Server 2017
- Microsoft SQL Server 2019
Important: We do not recommend using MSDE or Microsoft SQL Server Express edition if you are planning to use the centralized quarantine management or if your organization sends and receives a large number of emails. For more information about the limitations of the Microsoft SQL Server Express or MSDE, see the product manual.
- Supported terminal servers
- F-Secure Email and Server Security supports the following terminal server platforms:
- Microsoft Windows Terminal/RDP Services (on the above mentioned Windows Server platforms)
- Citrix XenApp 5.0
- Citrix XenApp 6.0
- Citrix XenApp 6.5
- Citrix XenApp 7.0 – 7.18
- Supported Microsoft SharePoint servers
- F-Secure Email and Server Security can be installed on a computer running the following Microsoft SharePoint Server versions:
- Microsoft SharePoint 2013 with the latest service pack
- Microsoft SharePoint 2016
- Microsoft SharePoint 2019
- Browser requirements
- To administer the product with F-Secure Web Console, one of the following web browsers is required:
- Microsoft Internet Explorer 11
- Mozilla Firefox (up-to-date versions)
- Google Chrome (up-to-date versions)
Note: Allowing hosts to access the web console requires configuring an SSL certificate for the site in Internet Information Services (IIS). SSL 2.0 is not supported due to vulnerabilities.
Setup and configuration
- Installation instructions
- Note: Push installation through Policy Manager Console is not supported for clean installations of F-Secure Email and Server Security, only for upgrades.
Before you install F-Secure Email and Server Security, uninstall any potentially conflicting products, such as other antivirus or server security software.
To install the product, you need to log in with administrator-level privileges.
Note: Microsoft® SQL Server should be available for the installation. In ESS version 14, SQL Express is no longer included in the installer.
- Upgrade installation
- You can upgrade F-Secure Email and Server Security from the previous versions of F-Secure products by running the setup program and following the installation instructions. You can upgrade the following product versions:
- F-Secure Server Security 11.x or 12.x
- F-Secure Email and Server Security 11.x or 12.x
Refer to the manual for detailed upgrade instructions.
- Installation and configuration of Email Quarantine Manager
- After installing Email and Server Security 14.00 with Anti-Virus for Microsoft Exchange on your server, see the following file for further instructions:
c:\Program Files (x86)\F-Secure\Email and Server Security\EQM\EQM installation instructions.htm
Contact information and feedback
We look forward to hearing your comments and feedback on the product functionality, usability and performance.
Please report any technical issues via:
- F-Secure support web site: http://support.f-secure.com
- F-Secure Community: http://community.f-secure.com/t5/End-point/bd-p/End-point_Security
Before sending us a report about your issue, run F-Secure Support Tool on the host that is running F-Secure Email and Server Security. This utility gathers basic information about hardware, operating system, network configuration and installed F-Secure and third-party software that helps us to analyze and solve the issue.
You can run the F-Secure Support Tool from the Web Console as follows:
- Log in to the Web Console.
- Select F-Secure support tool on the Support page.
- F-Secure Support Tool starts automatically and the dialog displays the data collection progress.
- When the tool has finished collecting the data, click Report to download and save the collected data
You can also find and run the fsdiag.exe utility in the diagnostics directory under the product installation directory, or run F-Secure Email and Server Security > Support Tool in the Windows Start menu. The tool generates a file called fsdiag.zip.
F-Secure license terms
F-Secure license terms are included in the software. You must read and accept them before you can install and use the software.