we're testing Sophis Intercept X Advanced. Unfortunately there seems to be an issue with Sophos and Mozilla Firefox.
But first of all the prerequisites:
My default browser is Firefox. Usually I search by entering keywords in the combined URL/search bar. Since Intercept X is installed after a couple of search requests (or after a couple of minutes; not sure if it's a matter of time or of requests) google.com doesn't load any more, if I search for a keyword. Further, links on google.com don't work any more. Though if I enter a valid URL (including google.com) the website gets loaded as usual. If I restart Firefox everything including search/google works fine again for another couple of minutes. If I deactivate "Schutz vor Netzwerkbedrohungen" (probably "protection against network threats" in English) in the endpoint settings, everything works fine. This and the fact that we didn't have any issues without Intercept X installed make me believe that Sophos is the reason for the above-mentioned behaviour.
That's why I have two questions:
Please let me know if you need any further information. And please don't start a discussion about our default browser. That's not part of this thread :-)
You can try the following Steps:
In Firefox, type 'about:config' in the address bar
Search for this "security.tls.enable_0rtt_data" over there
Set the value from 'true' to 'false…
Anyone have a solution for this problem? Still having problems with Firefox when "Network Threat Protection" is enabled.
We have the same issue since some months, still waiting for a solution.Hope they fix it soon.
An update will be released close to the end of May which is aimed at addressing this issue, as well as others that have come up recently regarding Web Interception.
A few suggestions that have been published/found recently are as follows. I suggest trying these in the meantime to see if this allows you to keep Sophos' scanning features turned on.- Use Windows certificate store instead of Firefox- Disable DNS over HTTPS- OSCP Stapling for Certificates
Any update on a fix? This issue seems to be affecting me as well all Google affiliated sites,(e.g., mail, chat, meet, youtube) seem to be affected. FWIW, the https decryption was never enabled and I tried disabling Firefox's DNS over HTTPS (which did nothing).
Disabling Network Threat Protection (on client) would make the problem go away, but the only effective policy change seemed to be disabling the "Block Access to Malicious Websites"
One thing I did notice was that there seemed be some interaction between Sophos and uBlock Origin (Firefox plugin). No amount of whitelisting (in uBO) would make the problem go away, but I did find that if I disabled the plugin entirely things would work.
I'm not sure whether the OP uses uBO or not.
Hi all,any news on this update? May is over already and there was still no update or did I miss out something?
Set the value from 'true' to 'false'.
I just recently discovered the above setting. It worked for me.
This issue is actively being investigated by our development team. We do not yet have a fix. The steps suggested by Nico_C would be the best way to work around this issue for the time being.
There is a conflict with the "Zero Round Trip Time Resumption" feature in the FireFox browser.
Sorry, I have to tell you that after 2 days the problems came back again.
For us it is still working.