Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 17 replies
  • Subscribers 11 subscribers
  • Views 20584 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Policy non-compliance: Network Threat Protection

Josh Winter

So suddenly overnight we now have 20+ endpoints that are all reporting "Policy non-compliance:  Network Threat Protection" and the NTP service is showing as not running on all those.  Anyone else see this or have some insight as to why this would suddenly happen?

I'll need to look into it a bit further, but the only change I know of is we pushed out Windows 10 1803 to a bunch of computers last night.



This thread was automatically locked due to age.
Parents
  • 0

    Got an answer from Sophos Support and quite frankly, it's a complete cop out on their part.  Basically they're blaming "the nature of how Windows 10 updates" for sometimes causing their services to "get stuck".  Nothing in the email about their devs looking into the issue, just that reinstalling Sophos Endpoint is the only fix.  Based on our numbers so far, every time we do a major Win10 version update we'll have to go reinstall Sophos on around 15% of the endpoints.  

Reply
  • 0

    Got an answer from Sophos Support and quite frankly, it's a complete cop out on their part.  Basically they're blaming "the nature of how Windows 10 updates" for sometimes causing their services to "get stuck".  Nothing in the email about their devs looking into the issue, just that reinstalling Sophos Endpoint is the only fix.  Based on our numbers so far, every time we do a major Win10 version update we'll have to go reinstall Sophos on around 15% of the endpoints.  

Children
  • 0 in reply to Josh Winter

    Hi,

    On a computer where the "Sophos Network Threat Protection" service is failing, does it help to create the DWORD registry value LogLevel under:

    HKEY_LOCAL_MACHINE\SOFTWARE\Sophos\Sophos Network Threat Protection\Application\

    and set it to 4.

    When you then try and start the service, does the log file:

    C:\ProgramData\Sophos\Sophos Network Threat Protection\Logs\SntpService.log

    throw any light on why it's failing?

    Can you attach it?

    Maybe also confirm the output of the following command in a Admin Prompt:
    sc.exe queryex sntp

    Regards,
    Jak

Unfiltered HTML