E-mail and Server Security

E-mail and Server Security is our product for bigger companies with their own IT resources who wish to manage Exchange servers, SharePoint and EMC security centrally.


What's new in release?

  • Fix for failing ESS / SS 11.00 installation on Microsoft® Windows Server 2003

  • IP ranges for Browsing protection - You can use the Trusted Hosts table to specify hosts (internal servers) that are considered trusted and safe to visit without consulting Security Cloud (previously known as Real-time Protection Network). The Trusted Hosts table has been added to Browsing Protection policies and table supports both IPv4 and IPv6 IP addresses and ranges.

  • Application whitelist for F-Secure Network filter - You can use the application whitelist to define commonly used applications as safe. F-Secure Network Filter will not monitor these applications. The whitelist supports full path and SHA-1 hash methods.

Features dropped in this release

  • Proactive Virus Threat Detection

  • Heuristic Spam Analysis

  • Spam Assassin

  • Go to download

Installation steps

Centrally managed

  • 1

    Download and deploy Policy Manager

  • 2

    Import server .jar package to Policy manager and deploy the product


  • 1

    Download the package

  • 2

    Deploy the product

  • NOTE: If you want to deploy the product with the usage of Offload Scanning Agent (OSA), which is intended to minimize the performance impact to virtualization infrastructure, you will also need to deploy the Scanning and Reputation Server (SRS).

    Read more about the solutions for virtual environments


    For step by step installation instructions please refer to guide in the document section of the same page



F-Secure E-mail and Server Security 11.0 Hotfix 2 June 18, 2014

Related to security advisory FSC-2014-6.

OpenSSL has released new update for version 0.9.8, 1.0.0 and 1.0.1 which fixes 7 vulnerabilities. No known public exploits were found in the wild and no certificate change is required. Detailed explanation of the vulnerabilities can be found in the announcement.

Note: Applying this hotfix does not require a reboot.

F-Secure E-mail and Server Security 11.0 Hotfix 1 April 14, 2014

Related to security advisory FSC-2014-1.

This hotfix solves the OpenSSL Heartbleed vulnerability.

HeartBleed is a critical security vulnerability (CVE-2014-0160) in the OpenSSL cryptographic library, which is widely used by online sites and web-based services to provide secure connections. The vulnerability potentially allows an attacker to silently read information from the memory of a server. This means highly confidential information, such as web server private keys and user passwords, could be copied by an attacker.

Note: Applying this hotfix does not require a reboot.