Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 12 replies
  • Subscribers 13 subscribers
  • Views 5323 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SWI_FC.EXE Slowing Down Google Drive via Chrome

Brian Stewart

SWI_FC.EXE is slowing down Google Drive uploads via Chrome to an unacceptable degree.

We need to disable SWI_FC.EXE on 3 specific computers.  Is there a way to disable the relevant policies for a specific computer group?  If so, how?

From what I've seen, the relevant policies are tied to users, not computers, so this can't actually be done.

Thanks.



This thread was automatically locked due to age.
  • 0 in reply to jak

    The XML files are as you show them.

    The registry has reverted to 1 for Enabled.

    When I view the device details within Sophos Central, the correct Threat Protection policy (which I included a screenshot of above) is shown as being applied to the device.

    When I view the device details within Sophos Central, it shows that the "Base Policy - Web Control" policy is applied to the device.  This policy has Web Control enabled, which is what we want for our base policy.  I cannot change what "Web Control" policy is applied to the device because "Web Control" is a user policy only.

    When I view the details for the specific users logging into the device that I want to disable SWI_FC.exe for, the correct Web Control policy (which I included a screenshot of above) is shown as being applied to the device.
    Note that the screenshot shows the top level "Web Control" setting on that policy is enabled, but I have since disabled the top level "Web Control" setting.  I still do not know whether the top level control should be on or off.  When it is off, the descriptive text ("Ignore the settings in this section of the policy") implies that the base policy will take effect.  Though I have tried it both ways with no success.

  • +1

    We had to go into the individual users in Sophos Central and associate them with their domain logins.  I checked some other users, and everyone else was associated already (and automatically).  I'm not sure why certain users didn't have that association in place automatically, but once we put it in manually, the correct policies started applying.

    The fix for us was as follows:

    1:  Make sure the items under "Real-time Scanning - Internet" are disabled on a Threat Protection device policy applied to the specific devices.

    2:  Make sure all Web Control features are disabled (including the top level "Web Control" setting) on a Web Control policy applied to the specific users.

    3:  Make sure those specific users the Web Control policy is targeting have the correct logins assigned (if not, assign them).

    4:  Log off, wait a bit, and log back on.  (Or restart the device.)

    5:  Verify that SWI_FC.EXE no longer inserts itself between your browser and its traffic.

Unfiltered HTML