F-Secure Protection Service for Business makes it easy to deploy, manage, and monitor the security of your endpoints and related services from a single, intuitive console. It gives you real-time visibility into all your devices and their security status. Extensive dashboards with priority and severity ratings optimize administration, incident response, and remediation.
The new F-Secure firewall uses the default Windows rule engine to execute firewall rules. This greatly increases compatibility with other applications and appliances. The F-Secure expert ruleset, which contains advanced rules that counter risks such as propagating ransomware and lateral movement, is added on top of the standard Windows ruleset.
One of the major problems in business environments is the impact that rebooting the system has on productivity. In some cases, this impact can be severe. With the architecture changes, upgrading the application itself will now rarely ask for a reboot, and in most cases it is totally transparent for end-users. This enables for example running upgrades outside slotted upgrade windows due to downtime requirements.
The Management Portal has undergone usability improvements based on customer requests. These include more extensive scheduling options for scanning, profile grouping, improved product filtering, and global exclusions for larger environments.
Device Control can be used to disallow the use of hardware devices such as USB sticks, CD-ROM drives, web cameras, etc. in endpoints. You can set rules to allow a specific device while all other devices of the same class are blocked.
It's challenging enough to manage the security of modern, multi-device environments against external threats. The sheer variety of endpoints keeps increasing, as does the number of ways they are used beyond office networks. But perhaps the biggest issue in terms of maintaining your security is an internal challenge—prioritizing the allocation of limited time and resources.
F-Secure Protection Service for Business provides central deployment, management, and monitoring of all your endpoints as well as necessary security tools, like patch management, helping to reduce maintenance and management overheads.
Straightforward and scalable deployment.
Deploying endpoint security clients is simple. AV-Comparatives described installation as "no more difficult than installing iTunes".
Extensive graphical dashboards with priority and severity ratings.
Priority and severity ratings help administrators focus efforts where they are most needed, and increase the efficiency of incident response and remediation activities.
No need to invest in server hardware, software, or maintenance.
No need to spend time and money deploying or maintaining servers—all you need to manage your endpoint security is a browser.
Simplifies and streamlines security management, reducing the time and resources required.
Thanks to consolidated, streamlined management, automatic client and database updates, and automated patch management.
Cost-effective, open integration with any central management tool.
Can be used as part of a larger security ecosystem, managed via a Security Information and Event Management (SIEM) solution or Remote Monitoring and Management (RMM).
Central management for vital security tools, like patch management.
Vital security tools, like patch management, password manager, and mobile device management, can be centrally managed and monitored together with endpoint security.
Manage and monitor security without disruptions or delays.
No delays caused by polling intervals means you can configure, deploy, and validate changes—and remediate and deploy fixes—immediately.
Robust cloud-based architecture ensures great scalability.
With streamlined management and robust cloud-based architecture, you can effectively scale to and manage even a large number of geographically dispersed sites.
F-Secure Protection Service for Business integrates with any Security Information and Event Management (SIEM) solution or Remote Monitoring and Management (RMM) tool, as well as any other third-party auditing, management, provisioning or reporting tool via an industry-standard Rest API.
With a single console providing centralized visibility and manageability of all your separate solutions, you can optimize workflows and any investments in existing solutions. This also enables the seamless integration of the solution with more complex security environments and allows Managed Service Providers to provision and manage F-Secure product subscriptions.
AV-Comparatives found our endpoint installation "no more complicated than installing iTunes". We have made it even easier by enabling central deployment of all endpoint security clients from one portal through an email flow. The subscription key is automatically included in the link or installer so that the end-user need only click the link for the installation process to start automatically.
For larger environments, you can create an MSI package that can be deployed either with your own remote installation tools or with ours.
Conflicting security solutions are automatically removed during the installation of Windows clients, ensuring a smoother and faster transition from one vendor to another.
You can create and customize individual security policies (profiles) and assign them either individually or in groups to computers, mobiles and servers, respectively.
Configuration options are comprehensive and easy to modify to suit your needs. For example, you can:
You can set a large variety of web-related controls and rules, for example:
All settings and policies can be enforced down to the individual level if needed so that end-users cannot alter or change them.
The management portal gives you a complete overview of your entire environment's security status. This includes potential software vulnerabilities, rooted devices, missing security updates, and the status of security features like real-time scanning and Firewall.
For example, you can track the number of blocked infections and pay closer attention to devices that are attacked the most. You can set automatic email alerts so that specific infection parameters get your attention first. If you need more information on any particular infection, you can obtain it directly from our security database.
The management portal delivers a wide range of graphical reports in an intuitive format, making data easier and faster to digest and understand—and more appealing for stakeholders to read. Device security details can also be exported as CSV files if required.
Software Updater is a critical security component that's fully integrated into the Management Portal, offering automated patch management for all endpoints and servers. There's no need to install separate agents, management servers or consoles. It's the first layer of protection when malicious content reaches end-points and can prevent up to 80% of attacks simply by keeping security software up to date.
Software Updater works by scanning for missing updates, creating a vulnerability report, and then downloading and deploying them automatically or manually. Security patches include Microsoft updates and over 2,500 third-party applications such as Flash, Java, OpenOffice and others that commonly serve as attack vectors.
The administrator can define exclusions to the automatic mode. You can set the dates and time for automatic installations to run, and include a grace period before forcing a reboot after installation. For applications that don't need a reboot, there is none. If multiple applications requiring a reboot are updated at the same time, everything is handled with a single reboot.
Hosted security services have distinct advantages. There is no server hardware or software to install or maintain—your browser is all that you need. Protection Service for Business automatically updates third-party software when security patches are missing, so there is no need for manual updating. Also, endpoint security clients automatically receive client security database updates, saving even more time on security maintenance.
By utilizing real-time threat intelligence via F-Secure Security cloud, you are automatically protected against any new and emerging threats
Management API is an integration interface that allows complete integration of the PSB management platform with a third-party management system. All operations that are available through the Management Portal are also available through the Management API. This does not include ordering, which is done through the Partner Portal.
The integration helps to leverage your organization's existing investments and benefits from centralized management systems, for example by streamlining the administrator's security-related work.
Furthermore, it allows you to create additional automation, customized workflows and reports, among other things, further reducing the workload and optimizing the management experience and benefits for your organization's specific needs.
Device Control prevents threats from entering your system via hardware devices such as USB sticks, CD-ROM drives, and web cameras. This also prevents data leakage by allowing read-only access, for example.
When a prohibited device is plugged in, Device Control turns it off to prevent user access. You can block access to devices by setting predefined rules, and set rules to allow specific devices while all other devices of the same class are blocked. You can for example:
The new F-Secure Windows Firewall uses the default Windows rule engine to execute firewall rules. This greatly increases compatibility with other applications and appliances. The F-Secure expert ruleset, which contains advanced rules that counter risks such as propagating ransomware and lateral movement, is added on top of the standard Windows ruleset.
The administrator can extend the F-Secure rulesets with rules to tackle company and context-specific threats. Additionally, auto-selection rules allow administrators to define profiles adapted to the security needs of various networks.