Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 33 replies
  • Subscribers 1 subscriber
  • Views 136138 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Protection in Sophos Endpoint Protection 10

bwyatt

Hello,

I am having a considerable problem.

I just upgraded our Sophos Enterprise Console to v10 and everything went smoothly. I also noticed the Patch Assessment and Web Protection under Policies, so once I changed the SUM to use v10 for the client machines, I went to enable both the Patch Assessment and Web Protection.

Long story short, it didn't work. Eventually I checked the 'Detail' button and the licenses did not appear for Patch Assessment or Web Protection. This confused me: why even present the option to configure patch and web at all if you don't even have the ability to use it?

So I went back and disabled them both, did a 'comply with all group policies' update and moved on.

I then went to check my email (we use Google Apps) and it kept giving me an SSL error. Then my users started complaining of the same thing. Since I essentially troubleshoot things for a living, I turned off the web protection on my local Sophos configuration because it was the last thing I changed - this then allowed me into gmail. There were no error logs for this.

Problem is, it didn't care what options I set on the Enterprise Console. Even though I disabled web protection, is refused to let go of its settings and it remained on despite restarts, updating Sophos again and even deleting the computer from the console, re-adding and re-installing. Nothing worked.

Eventually I just disabled and stopped the Sophos Web Intelligence Service, that worked. That is far from ideal though. I need to be able to manage Sophos from the console as intended. My users cannot change the setting on their local Sophos (despite tamper protection being disabled at the console policy) and I don't want to have to have a disabled service to fix this; for all I know it affects other anti-virus processes!

Sorry for the long windedness but I wanted to try and answer as many questions as possible rigth off the bat.

Any assistance??

:19817


This thread was automatically locked due to age.
  • 0

    I've heard it could be as soon as Wednesday the 25th.

    Regards,

    Jak

    :21197
  • 0

    Thanks for the update.

    Where will the official announcement be made?

    :21257
  • 0

    It's OK - I checked the start of the thread and found the answer (which I should have done in the first place) :)

    :21263
  • 0

    @Sandy

    I just got done reading this thread, and today also found out that our new deployment of sophos 10 was also causing issues with an intranet page not loading.  I've contacted support also and am awaiting their response, but if i read this thread correctly, the issue should be resolved with the next update that the server should receive shortly.  Is that correct?  How will I know if the server has the correct update? In other words what's the earliest version that will have the fix for this issue?  I currently show the update version at 1.3.1.168 and have manually kicked off the check for new updates recently to see if it would change.  No change yet. 

    sandy wrote:

    Now in the warehouse. Your software should be automatically updated.

    :21321
  • 0

    Sandy,

      Can you verify which version was released to correct these issues? I show 10.0.1 on the endpoint.

    Thanks,

    Jason.

    :21359
  • 0

    I've got 10.0.1 installed on our clients and all our vista clients are appearing as having the Web Protection error, XP and 7 are not reporting any errors.

    Is there any further update on this?

    :21395
  • 0

    We still have the same problem for one of our intranet-sites. Sharepoint and other sites are ok, just one site based on Zope (python) still partially doesnt work when the Sophos Web Intelligence Service is started on the client computers. The page is also terribly slow and the worst part is that the users can't log in because the login-script is apparently blocked.

    According to the console we're at 10.0.3 now.

    :23651
  • 0

    We are still having terrible problems with this as well. We use OnSSI security camera viewer software called NetDVMS which connects to an internal server on port 80 which is in the same subnet as the clients. We have intermittient but frequent connection problems which are only resolved by disabling the Sophos Web Intelligence Service.

    :23673
  • 0

    We are also having problems with Sophos Web Intelligence Service breaking an intranet streaming site.

    Our students and faculty are using a product called Medivision and it essentially runs a hospital room simulator with cameras, audio, and sim-patients. The server collects all the data during a simulation and allows for review.

    The cameras stream to the browser using QuickTime embedded - and after modifying our group policies to place the Metivision server into the intranet zone, white list it on every thing I can think of - this service will not allow the live stream to connect. When I shut off the service - it all magically works.

    My option is to now run these workstations with the service disabled or find an answer from Metivision (who is going to punt to Sophos because it "works fine for them") or you, Sophos.

    I plan on opening a support case - but I figured I'd throw a "me too" into the thread.

    :23689
  • 0

    Hi,

    I've heard that as of 10.0.4, the exclusions might help as it will not be touched.  So for problematic sites you can add them to the exclusion list.  That should be out at the start of May.  It would be interesting to know if that helps you when it ships.

    Regards,

    Jak

    :23695