First Aid

Before you ask our support, please make sure that it is not already answered in our Support FAQs.

No, I have another question.

Support FAQs

The connection between all components is protected by TLS certificates and „Certificate Pinning” certificate pinning. If this connection is broken by network components, e.g. a proxy, the remote peer will reject the connection and return an error.

In order for you to configure your firewall correctly, we have created an overview of the required ports and destinations here.

Please make sure that:

  • no hashes are denied when installing the agent on the server (see also “Why does an error message appear when installing the agent?”).
  • the share is accessible with the Agent Setup for all PCs (security settings: read and execute for each)
  • the GPO refers to the correct UNC path.
  • Batch processing cannot be prevented by another GPO.
  • The user "System" is not restricted in his authorisations.
  • A network connection is present at the time of application of the GPO (system boot).

Of course this is possible, but we recommend to use the client management. A manual installation can be done by running cmd.exe as administrator. All necessary parameters for the installation via cmd.exe can be obtained by double-clicking on the Agent Setup (autosetup.exe) - don't worry, the setup will not be started by this.

Please note:
1. The “client.pem” and the “autosetup.exe” (Agent Setup program) must be located in the same folder.

2. The installation must be performed as administrator. You can do this by running cmd.exe as an administrator.
Windows basically distinguishes between two versions:

  • Double-click = execution as currently logged on user
  • Right click > Run as administrator = explicitly run with the highest permissions available

The agent can only be installed using the second option.

You receive the following message when installing or updating a seculution agent:

“Install failed: something was denied (server not in learning mode?)” 

The reason for this message is that the agent checks all currently running programs for clearance on the whitelist during setup. If one of the programs is not allowed, the setup routine of the agent is terminated intentionally. This is because it cannot be guaranteed that the program that is currently running on the computer but is not in the whitelist may be needed when booting the computer!

There are two possible solutions:
1. you switch on the learning mode for the affected PC and the denied programs can be added to the whitelist. We then recommend that you check the newly learned hashes with the seculution TrustLevel database (TLDB)!

2. You have intentionally restricted the use of programs that are denied on the affected PC in your whitelist. In the logs, check which programs are denied and also allow these programs for the computer on which the installation of the agent failed.

If you intentionally deny certain programs and still want to force the installation of the agent on a computer with unauthorised software, navigate to the client configuration in the AdminWizard and select “Installation” (next to “Behavior”). Here set the slider to “Off”. The agent will be installed on the PC even if software is running on the computer that is not approved.
Note that the software is blocked after the computer is rebooted. 

Can you start the program anyway? Then the hash is already on your whitelist.

Can you not start the program? Then the hash may be on your whitelist, but there is a restriction that only allows certain users or computers to use it.

Basically, all programs on the whitelist are uniquely identifiable by the resulting hash. If a hash is already on the whitelist, it will not be added again by an import.

To change the IP of your server, open the virtual machine console and restart the server (restart possible from the console or AdminWizard > Server Appliance > Restart). After the startup sequence, you have 10 seconds to press "Enter" and then adjust all IP configurations of your server as desired.

Important: All agents already deployed at this time will not be able to connect to the server and will switch to offline mode! Operation will of course still be guaranteed.

Note: The server IP is communicated to the agent during the installation by the client management or cmd.exe and is stored in the registry on each host.


Submit logs by mail

Support via TeamViewer

Download QuickSupport Modul

Open Support Ticket

* = Mandatory

Other Support Options


If you are a seculution customer, you can expand and refresh your knowledge of application whitelisting with seculution in various training courses at any time.

User Feedback

Any idea, no matter how good it may be, is useless if it is not shared with us. We constantly improve our product with feedback from everyday use. Soon with your ideas, too?

* = Mandatory


Installation, initial configuration and operation

More FAQs from our manual.

Release Notes

Remote Support Information

We are also happy to offer you support directly on your PC. To do this, you make an appointment with us at which we should conduct the online session. Using the TeamViewer QuickSupport software, the seculution support team can view your screen directly on request. This allows our staff to provide you with even more convenient and effective support in the event of questions and problems.


  • Without your explicit consent, the consultant cannot look at your PC.
  • Without your explicit consent, the consultant cannot work with you.
  • No third-party programs will be installed on your PC.
  • It is not possible to remove data from your PC unnoticed and without authorisation.
  • You can end the joint session at any time.

TeamViewer Disclaimer

You are about to have a joint PC session with a seculution support representative.

Note: By starting the TeamViewer software you accept the disclaimer when using TeamViewer. 

Disclaimer for the use of TeamViewer

The seculution GmbH does not assume any warranty for the programs installed on your computer or their protective devices. The customer is solely responsible for his data security; regular backups and an up-to-date virus protection program are assumed by us.

The seculution GmbH accepts no liability for malfunctions not caused by seculution GmbH, even if they are in close proximity to the support provided.

With the download you confirm the acceptance of the agreement for online support and start the download of the TeamViewer QuickSupport software.

© Copyright 2020 seculution - All Rights Reserved