Remotely installing Computer Protection via Active Directory Group Policy (F-Secure)

0
(0)

F-Secure Computer Protection for Windows and F-Secure Server Protection for Windows can be installed remotely using GPO and any other similar deployment method that uses MSI package.

For the installation, you need the following:

  1. An Active Directory environment.
  2. All target domain members need to have a Universal CRT installed. Normally, it comes with Windows updates and is present on regularly updated systems. If the installation fails to detect it, a corresponding error message is issued to the Windows Event Log of the target system. If you need to install or repair it manually, use this link: https://aka.ms/vs/16/release/vc_redist.x86.exe.
  3. All target domain members need to have a .NET Framework 4.7.2 installed for all the UI features to work properly.
  4. The F-Secure MSI Transformation tool (FsMsiTool.exe) available at https://download.sp.f-secure.com/msitool/FsMsiTool_ui.exe.
  5. The .msi installer file to deploy either Computer Protection, Server Protection, or Computer Protection and F-Secure Elements Endpoint Detection and Response (F-Secure Elements EDR). Download the installer from one of the following links:
  6. Your subscription key to activate the product.
  7. The sidegrade .msi package, if you need to remove conflicting products before the installation: http://download.sp.f-secure.com/PSB/latest/installer/Sidegrade.msi.

To install the product via Active Directory Group Policy:

    1. Copy the installer to the domain controller shared folder where it is accessible for domain hosts.
    2. To activate the product during the installation, you need to provide the subscription key for the installation via Active Directory Group Policy. Using the F-Secure MSI transformation tool as described in Using the F-Secure MSI transformation tool, do one of the following:
      • Generate a MSI Transformation file (.mst) that is based on a subscription key and specify it in your Group Policy settings.
      • Embed the subscription key directly into the MSI package.

      Note: Use “VOUCHER” as the property name and the subscription key as its value.

    3. You can specify other MSI properties as described in the previous step for the VOUCHER property. For the complete list of MSI properties, see Command-line parameters and MSI properties.
    4. Open the Group Policy Management Console and create a new Group Policy Object that you link to the domain.
    5. Navigate to Computer Configuration > Policies > Software Settings > Software installation.
    6. Right-click the right pane and select New > Package….

    1. In the open file window, select OfflineInstallerCP.msi and then select Open.

    1. In the Deploy Software window, select Advanced to configure the package and then select OK.

    1. Go to the Modifications tab, and then select Add….
    2. In the open file window, select license.mst (the transform file from FsMsiTool.exe earlier), and then select Open. This adds the transform file path to the GPO settings.

 If you prepared a .mst-file for specifying the product language in step 3, then add the file with a product language code to the GPO settings the same way you added the license.mst file.

    1. Select OK to save the settings.

F-Secure Computer Protection is now ready for deployment via GPO.

The package is deployed after the GPO settings are refreshed on the domain computers and the computers are restarted.

Source : Official F-Secure Brand
Editor by : BEST Antivirus KBS Team

How useful was this post?

Click on a star to rate it!

Average rating 0 / 5. Vote count: 0

No votes so far! Be the first to rate this post.

(Visited 55 times, 1 visits today)
Tagged: