© 1993-2020 F-Secure Corporation. All rights reserved.
‘F-Secure’ and F-logo are wp-signup.phped trademarks of F-Secure Corporation. F-Secure product and technology names and F-Secure logos are either trademarks or wp-signup.phped trademarks of F-Secure Corporation. Other product names and logos referenced herein are trademarks or wp-signup.phped trademarks of their respective companies.
This product may be covered by one or more F-Secure patents, including the following: GB2353372, GB2366691, GB2366692, GB2366693, GB2367933, GB2368233, GB2374260
General
This document contains late-breaking information about the F-Secure Server Security 15.00 release. We strongly recommend that you read the entire document before installing the software.
F-Secure continuously improves documentation. Refer to the latest version of this document online at the F-Secure website.
Important notice: This release of F-Secure Server Security 15.00 Standard and Premium should be used with F-Secure Policy Manager. This version cannot be used with the cloud-based F-Secure Protection Service for Business management portal.
Product contents
F-Secure Server Security provides protection for your Microsoft Windows Server, Microsoft Small Business Server, Citrix XenApp, and Windows Terminal servers. The solution can be licensed and deployed as F-Secure Server Security (Standard) or F-Secure Server Security Premium, on per-server or terminal connection basis.
This new F-Secure Server Security solution release includes the following features:
- Virus & spyware protection – protects your computer against viruses, trojans, spyware, riskware, rootkits and other malware.
- DeepGuard™ – proactive, instant protection against unknown threats. It monitors application behavior and stops potentially harmful activities in real-time.
- DataGuard – monitors protected folders to prevent untrusted applications from modifying your files.
- Web traffic scanning – detects and blocks malicious content in web traffic (HTTP protocol) to provide additional protection against malware.
- Firewall – consists of Windows Firewall integration and Network access control.
- Application control – allows you to restrict virtually any application from starting.
- Botnet Blocker – allows the Policy Manager administrator to block Domain Name System (DNS) queries from the host for domains that have a malicious reputation.
- Browsing protection – provides additional protection against unsafe web sites.
- Web Content Control – allows blocking of web sites that contain unsuitable content.
- Device control – lets you control and disable hardware devices.
- Software Updater – keeps your system and applications up to date by automatically installing patches as they are released by vendors.
- Offload Scanning Agent – moves malware scanning operations to F-Secure Scanning and Reputation Server.
- Rapid Detection & Response – uses lightweight, discreet sensors that collect behavioral data from endpoint devices to identify a wide range of attacks.
The table below shows which features are enabled with different product licenses.
Feature | F-Secure Server Security Standard | F-Secure Server Security Premium |
---|---|---|
Virus & spyware protection | ● | ● |
DeepGuard™ | ● | ● |
DataGuard | ● | |
Application control | ● | |
Web traffic scanning | ● | ● |
Firewall | ● | ● |
Browsing protection | ● | ● |
Botnet Blocker | ● | ● |
Device control | ● | ● |
Offload Scanning Agent | ● | ● |
Software Updater | ● | |
Web content control | ● | |
Rapid Detection & Response | ● | ● |
The supported languages are: English, Chinese (P. R.C, Taiwan, Hong Kong), Czech, Danish, Dutch, Estonian, Finnish, French, Canadian French, German, Greek, Hungarian, Italian, Japanese, Korean, Norwegian, Polish, Portuguese, Brazilian Portuguese, Romanian, Russian, Slovenian, Spanish, Latin American Spanish, Swedish, and Turkish.
What’s new
- New features and improvements
-
- Added support for Policy Manager Proxy auto-selection rules to configure the location-aware selection of proxies based on the following criteria: DNS server IP address, DHCP server IP address, Default gateway IP address, WINS server IP address, and My network address. The Proxies matched with the rules are always prioritized first while the rest of the Proxies are used only if the fallback behavior is in use.
- Basic and NTLM authentications are now supported when downloading virus definitions (GUTS2) via HTTP proxies.
- Added support for Antimalware Scan Interface (AMSI). The integration is turned on by default and can be turned off from Policy Manager.
- Various firewall related improvements:
- Firewall block rules support a configurable option to send alerts when the rule is triggered.
- Added support to define the rule’s scope with Windows application package IDs.
- Policy Manager administrators can hide certain profiles from end-users.
- The product generates alerts when encountering malformed firewall rules.
- F-Secure tray icon can be hidden from end-users. This can be configured from Policy Manager.
- The command line fsscan.exe scanner can report a list of all scanned files.
- Introduced Browsing Protection alerts that are triggered when malicious or suspicious sites are blocked.
- Introduced the Tamper protection feature to protect F-Secure endpoints from unusual interruptions.
- Device control block alerts are also generated when USB storage devices are reconnected.
- Notification events about overlapping manual and scheduled scan operations are logged to the Windows application event log.
- Client failover to GUTS2 services now happens without noticeable delays when the computer is booted or returns from sleep.
- New Software Updater engine. This new engine gives F-Secure flexibility to introduce Software Updater functionality on other platforms in the future.
- New “Scan all accessed files” scan mode for network drives introduced. Previously, only one scan mode (“Scan executed files”) was always in use for network drives, which is kept as the default mode in this release..
- Policy Manager admins can specify a password to release items from local quarantine or prohibit this option completely.
- Version requirements
-
- This Server Security version requires Policy Manager 15.10 or later, and Policy Manager Proxy 15.10 or later in case Proxy is in use.
- This Server Security version requires Windows Universal C Runtime (https://support.microsoft.com/en-us/help/2999226/update-for-universal-c-runtime-in-windows) for installation.
- This Server Security version requires Microsoft .Net 4.7.2 or later for the local user interface to function.
- Known issues
-
- Software Updater dropped Windows 10 features and service pack patches.
System requirements
Before you install the product, we recommend that you review this section to ensure that your network, hardware, software, and other system components meet the requirements.
Note: The minimum hardware requirements may not be sufficient if you run multiple services on the same system.
- System requirements for F-Secure Server Security installation
- To install F-Secure Server Security, the following minimum hardware and system requirements are recommended.
- Any computer that meets the requirements for the supported operating system.
- 10 GB or more disk space is recommended.
- An internet connection is required to receive updates and to use cloud-based detection.
- This Server Security version requires Windows Universal C Runtime (https://support.microsoft.com/en-us/help/2999226/update-for-universal-c-runtime-in-windows) for installation.
- Supported operating systems
- The product can be installed on a computer running one of the following operating systems:
- Microsoft Windows Server 2008 R2
- Microsoft Small Business Server 2011, Standard edition
- Microsoft Small Business Server 2011, Essentials
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 Essentials
- Microsoft Windows Server 2012 R2
- Microsoft Windows Server 2012 R2 Essentials
- Microsoft Windows Server 2012 R2 Foundation
- Microsoft Windows Server 2016 Standard
- Microsoft Windows Server 2016 Essentials
- Microsoft Windows Server 2016 Datacenter
- Microsoft Windows Server 2016 Core
- Microsoft Windows Server 2019 Standard
- Microsoft Windows Server 2019 Essentials
- Microsoft Windows Server 2019 Datacenter
- Microsoft Windows Server 2019 Core
Note: Windows Server 2016 Nano is not supported.
All Microsoft Windows Server editions are supported except:
- Windows Server for Itanium processor
- Windows HPC editions for specific hardware
- Windows Storage editions
- Windows MultiPoint Server
- Windows Home Server
Note: All operating systems are required to have the latest Service Pack installed.
Note: For performance and security reasons, you can install the product only on an NTFS partition.
- Supported terminal servers
- F-Secure Server Security supports the following terminal server platforms:
- Microsoft Windows Terminal/RDP Services (on the above mentioned Windows Server platforms)
- Citrix XenApp 5.0
- Citrix XenApp 6.0
- Citrix XenApp 6.5
- Citrix XenApp 7.5, 7.6
- Centralized management requirements
- F-Secure Policy Manager 15.10 is required to centrally manage F-Secure Server Security.
Setup and configuration
- Installation instructions
- Note: If you are using an installation package that does not include the sidegrade procedure, uninstall any potentially conflicting products, such as other antivirus or server security software, before you install F-Secure Server Security.
To install the product, you need to log in with administrator privileges.
- Installation instructions in virtual environments using the F-Secure Offload Scanning Agent
- If you want to deploy F-Secure Server Security to a virtual environment using the Offload Scanning Agent to minimize the performance impact on the virtualization infrastructure, you need to select the installation of the Offload Scanning Agent during installation.
For detailed instructions of installation of this feature, please refer to the F-Secure Security for Virtual and Cloud Environments deployment guide.
Note: You need to have F-Secure Scanning and Reputation Server in place for this functionality to work.
- Remote installation
- F-Secure Server Security supports remote installation with F-Secure Policy Manager.
- Centralized management installation
- To configure centralized management during the interactive installation, specify the F-Secure Management Server address in the form of host name or host IP address without protocol prefix and port suffix. Use the default HTTP port and HTTPS port values unless you have a non-standard environment.
Contact information and feedback
We look forward to hearing your comments and feedback on the product functionality, usability and performance.
Please report any technical issues via:
- F-Secure support web site: http://support.f-secure.com
- F-Secure Community: http://community.f-secure.com/t5/End-point/bd-p/End-point_Security
Before sending us a report about your issue, run F-Secure Support Tool FSDiag.exe on the host that is running F-Secure Server Security. This utility gathers basic information about hardware, operating system, network configuration and installed F-Secure and third-party software that helps us to analyze and solve the issue.
You can also run the FSDiag.exe utility under %ProgramFiles(x86)%\F-Secure\Common folder. The tool generates a file called FSDiag.tar.gz.
F-Secure license terms
F-Secure license terms are included in the software. You must read and accept them before you can install and use the software.