Hello all.
All machines in discussion are domain joined, Windows 7 x64
We have had over time some random Windows 7 machines behave as if they are locked up completely. No network access at all although still respond to ping. Will also allow a remote session via powerShell. Windows explorer locks up, applications freeze as they are opened or work is saved to the network.
These machines are dead in the water until the Sophos Firewall Services is stopped. Then the machine will react almost instantly. Start the service again and the machine locks.
The fix until now was to re-protect the endpoints. Maybe 7 in total over a period of weeks.
Today we had approximately nine endpoints freeze with the only solution to stop the firewall service to allow the end user to gracefully shut down the machine. The first time this happened was mid-morning for a particular group. The second was at 5.00.pm with the bulk of our staff having left for the day.
Notably one machine I found that Sophos was indicating an update was in progress. It was the last machine I was looking at so may be a bad lead.
Also, on machine I connected to via a PowerShell Remote Session. The firewall service was turned off to allow the user to get work saved. The machine was left with the user logged in, Firewall Service NOT running for maybe an hour and a half. When I went to this machine and resumed the Firewall service everything was fine? Also logged in as another user and still fine?
I look after Active Directory and our Sophos management so can say with some certainty that nothing was pushed, altered or changed at the time. (Maybe Windows updates - will check tomorrow.)
I could see no firewall updates in the update log.
Hopefully I won't be walking into a shambles tomorrow morning when the bulk of staff return.
Any ideas?
Oh and sorry for the long post.
This thread was automatically locked due to age.
