WithSecure Policy Manager connector

WithSecure (previously F-Secure) connector gathers information about antivirus status on computers. For example, virus definition dates and when antivirus server has last seen particular computer. Connector can be configured to read data about all computers or only about computers in some selected policy domain groups. It can send the data of different policy domain groups to different Miradore servers.

Typically this connector is installed to the server running WithSecure Policy Manager.

You can find the connector installer from: <Miradore server installation directory>\Connectors\F-Secure Policy Manager\F-Secure Policy Manager Connector.msi.

Requirements

• Compatible with F-Secure Policy Manager Server up to version 14.41 (not tested with later versions)

• F-Secure Policy Manager Web Reporting

• Correct SSL certificate must be available in rootCerts.pem file on the connector's installation directory if HTTPS connection method is enabled from Miradore system settings

 

Installation Using Windows Installer

1. Run the “F-Secure Policy Manager Connector.msi” installer file

2.  Set connector configurations. All fields except “F-Secure policy domain group” must be filled before Next button can be pressed

1. Miradore server name: Host name or IP-address of Miradore server. Collected data is sent to this server.

2. Miradore instance name: Many Miradore Servers can run on same host. Instance name specifies the server.  By default, server is installed with instance name "Miradore".

3. Miradore server port: TCP/IP port that Miradore server uses. By default it is 80.

4. Use HTTPS: This option defines protocol (HTTP/HTTPS) that is used when the connector sends result file to the Miradore server.

5. Ignore SSL errors: If checked, all SSL certificate errors are ignored.

6. Use proxy: If checked, connector uses proxy server to connect with Miradore server.

7. Proxy server: Host name or IP-address of proxy server.

8. Proxy port: Proxy server’s port

9. Proxy authentication method: Authentication method that proxy server uses. Available methods: none, basic, digest and NTLM

10. Proxy user name: User name for proxy server

11. Proxy password: Password for proxy server

3. Set F-Secure server settings

   1. F-Secure Policy Manager version: Select which version of F-Secure Policy Manager is used. Notice: Starting from connector version 1.5.2, the connector detects the Policy Manager version automatically.

   2. F-Secure Policy domain group: F-Secure policy domain group name. If you want to define path to subgroup use '\' as delimiter (for example: Miradore\Desktops). ‘\\’ can be used to mark single ‘\’ character in group name. If this is left empty, information about all computers in F-Secure database is read. If you have to set multiple groups, you have to configure them manually to fs_connector.ini file created by the installer.

   3. Restart service automatically during installation: If checked, F-Secure Policy Manager service is automatically restarted during the installation.

   4. Start driver installation after connector installation finishes: If checked, psqlODBC Setup Wizard will be automatically started after installation.

4. Set Windows Task Scheduler configurations

   1. Add to Scheduled Tasks checkbox: if checked, Miradore F-Secure Connector task is added to Windows Scheduled Task and all fields must be filled before Next button can be pressed.

   2. Start time: Connector is run daily at this time.

   3. User account: Select to use SYSTEM account or give username and password that is used to run task.

   4. [Domain\] User Name: Scheduler will run task as it was started by this user. Add domain if needed.

   5. Password and Retype password: User’s password. Passwords must match.

5. Set destination folders for the application and log files

   1. Destination folder: Specifies the directory where the connector will be installed to.

   2. Log folder: Specifies the directory where the connector writes the log files.

6. Start installation

7. Authorize connector, see Connector authorization

8. Test that F-Secure connector works properly

Testing

If you want to test connector without sending output files to Miradore server, configure connector so that ServerHostName value in fs_connector.ini file is not valid server name. See “Connector configuration” for details. If you want to check output files after you have run the connector, they are stored to “<installation directory>\Output” directory.

1. If you added F-Secure connector to Windows scheduled tasks, open Scheduled Tasks menu (Start Menu -> All Programs -> Accessories -> System Tool -> Scheduled Tasks). Otherwise open installation directory.

2. Run F-Secure connector scheduled task or fs_connector.exe manually.

3. Open F-Secure Connector log file (see Log for details)

4. Check that there are no errors or warnings in the log.

 

Log

F-Secure Connector writes log every time it is run. It creates two files for log: fs_connector.log and fs_connector.old. fs_connector.log has information about last run and fs_connector.old archives old log files. Size of fs_connector.old is limited to 2MB. Location of those files is defined in  fs_connector.ini file (See Configurations). By default log files are stored to  <Connector installation directory>\Log  

 

Technical description

Miradore connector for WithSecure Policy Manager

 

Additional info

• MSI Installer parameters

  Following F-Secure specific parameters can be given to installer from command line. Value name Description Format Default value INSTALLDIR Installation directory Path   SERVER_HOST_NAME Host name or IP-address of Miradore Server String - SERVER_INSTANCE Miradore Server’s instance name String - IGNORE_SSL Determines whether the connector ignores SSL certificate errors. 0 = No, 1 = Yes Numeric 0 PROXY_AUTH_METHOD Authentication method that the proxy server uses. Available methods: None, Basic, Digest, and NTLM String None PROXY_SERVER Host name or IP-address of the proxy server. String   PROXY_PASSWORD Password for proxy server String   PROXY_PORT Proxy server´s port Numeric   PROXY_USER Username for proxy server. String   SERVER_PORT Miradore server's HTTP(S) port. Numeric   USE_PROXY Determines whether the connector uses proxy server to connect with Miradore server. 0 = No, 1 = Yes Numeric 0 USE_HTTPS Determines if HTTPS is used instead of HTTP. You must set some value for this. Possible values: 0 = false, 1 = true. Numeric   LOG_SEVERITY Severity level of information that is written to the log file. (Debug, Info, Warning) String Info LOG_PATH Directory of log files Path %ProgramFiles%\Miradore\Server\Connectors\Logs\AD ADD_TO_SCHED If 1, connector will be added to Windows Scheduled tasks. Then also four following parameters must be given. (1, 0) Numeric 1 START_HOUR Starting hour of Scheduled task. Must contain two digits Numeric 00 START_MIN Starting minute of Scheduled task. Must contain two digits Numeric 00 SCHED_USER Scheduler will run task as it was started by this user. Add domain if needed String - SCHED_PW Scheduler user’s password String -

   

• Connector configuration

  INI file (fs_connector.ini) Connector uses fs_connector.ini file for its configurations. INI file has two built-in sections [_Global_] and [_DefaultValues_]. In addition user can define F-Secure policy domain group specific sections. If fs_connector.ini file doesn’t exist in the same directory as fs_connector.exe, it’s created to that directory and it contains [_Global_] and [_DefaultValues_] sections. [_Global_] has logging and database connection settings and they can’t be under other sections. [_DefaultValues_] contains default network settings which are used if values are not defined in policy domain group specific sections. [_Global_] Version= DBServer FileLogSeverity= LogFilePath= DBPort=   [_DefaultValues_] ServerHostName= ServerInstanceName= ServerPort= UseHttps= VerifyPeer= VerifyHost=   Logging and database connection settings Value name Description Type Default value Version Enter here the version of F-Secure Policy Manager that is used. Numeric   DBServer Database server name. String localhost LogFilePath The path of directory where log file is written. String <Installation directory>\Log FileLogSeverity Can have three different values: Verbose, Debug, Info. Those values mean severity level of information that is written to the log file. String Info DBPort Setting for database server port. If this setting hasn't been configured, the connector will use default port 5435. Numeric 5435   Network settings Value name Description Type Default value ServerHostName Miradore server host name String - ServerInstanceName Miradore instance name String Miradore ServerPort Miradore server http(s) port Numeric 80 UseHttps Determines if HTTPS is used instead of HTTP.  Possible values: 0 = false, 1 = true. Numeric 0 VerifyPeer Determines if server's SSL certificate is verified. Possible values: 0 = false, 1= true. Setting this to 0 makes https traffic unsecure. So use this only for testing purposes. Numeric 1 VerifyHost Determines if server's host name must match the name defined in SSL certificate. Possible values: 0 = false, 1 = true. Numeric 1   Adding policy domain group specific settings Policy domain group specific network settings can be added to separate INI file sections. This is needed if you want to send data from different policy domain groups to different Miradore servers. Connector uses setting from [_DefaultValues_] section if it is not defined under the group specific section.   Section naming Those sections must be named as [<policy domain group name>]. Subgroups are delimited in <policy domain group name> by ‘\’. If group name contains ‘\’ characters, you can use ‘\\’ to mark this. Examples: F-Secure policy domain group Section name in fs_connector.ini Miradore >Desktops [Miradore\Desktops] Miradore > Desktops \ Laptops [Miradore\Desktops \\ Laptops]   Example INI files With following settings connector reads data about all computers from F-Secure server and sends it to “s0001” server’s “Miradore” instance. [_Global_] FileLogSeverity=Info LogFilePath=c:\Miradore\Connectors\F-Secure\Log [_DefaultValues_] ServerHostName=s0001 ServerInstanceName=Miradore ServerPort=80 UseHttps=0   With following settings connector reads data about computers in “Miradore > Laptops” and “Miradore > Desktops” policy domain groups from F-Secure server and sends it to “s0001” server’s “Miradore” instance. [_Global_] FileLogSeverity=Info LogFilePath=c:\Miradore\Connectors\F-Secure\Log [_DefaultValues_] ServerHostName=s0001 ServerInstanceName=Miradore ServerPort=443 UseHttps=1 VerifyHost=1 [Miradore\Laptops] [Miradore\Desktops]   With following settings connector reads data about computers in policy domain groups “Client A” and sends it to “s0001” server’s “Miradore1” instance using https, “Client B” and sends it to “s0001” server’s “Miradore1” instance using https and “Client C” and sends it to “s0002” server’s “Miradore1” instance using http. [_Global_] FileLogSeverity=Info LogFilePath=c:\Miradore\Connectors\F-Secure\Log [_DefaultValues_] ServerHostName=s0001 ServerPort=443 UseHttps=1 VerifyHost=1 [Client A] ServerInstance=Miradore1 [Client B] ServerInstance=Miradore2 [Client C] ServerHostName=s0002 ServerInstance=Miradore1 UseHttps=0 ServerPort=80

   

• How to create Windows Scheduled Task manually

  F-Secure Connector should be added to Windows Scheduled tasks. This can be done in Scheduled Tasks menu by using following instructions (Windows Server 2003) Open Scheduled Tasks menu (Start Menu -> All Programs -> Accessories -> System Tool -> Scheduled Tasks). Double click Add Scheduled Task icon. Click Next button. Click Browse button to find fs_connector.exe. Find fs_connector.exe from the location where you copied it. Select “Perform this task: Daily” radio button. Click Next. Set Start Time, for example 1:00. This is the time when F-Secure Connector is run. Check that “Perform this task: Every Day” is selected. Click Next. Set user name and password of a user which will run F-Secure Connector. Click Next. If you want to give configurations as startup parameters (see configurations), check “Open advanced properties for this task when I click Finish” checkbox. Click Finish. If you opened advanced properties and want to set configurations as startup parameters, add following to the end of Run text field: -s server_host_name -i server_instance name, where server_host_name is name of your Miradore http server and server_instance_name is name of your Miradore server instance. If your Miradore http server uses different port than default (80), you have to add also -p serve_port parameter. So, Run text field could look like the following: “C:\Miradore\Connectors\F-secure\fs_connector.exe -s dcm00010 -i Miradore -p 80”. Check that all text is between quotation marks if they are on the text field. Click OK.

   

 

See also

Network settings for connectors

Connector authorization

System settings for connectors

 

---

Copyright © 2022 Miradore Ltd. All rights reserved. Miradore is a registered trademark of Miradore Ltd. All other trademarks or registered trademarks are property of their respective owners.