Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 17 subscribers
  • Views 14330 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Endpoint Security and Control conflict with Microsoft Office on Windows file server (SMB version 2 (or newer))

K_M

Thought I would throw this out there as an FYI for other users:

We have a Windows 2012 R2 file server with various Excel/Word files on it.  Users open these file from a share and save the files back to the same location (typical file share behavior) using Office 2007, 2010 or 2013.  The problem is that when Sophos On-access scanning is enabled, it creates new <randomname>.tmp files in the share every time the file is saved.  I can reproduce this on demand by turning the on-access scanning on or off.

We started a support case (Ticket #6660170), but unfortunately we always get sent to the lowest level support and have had many many problems trying to get through to experienced engineers who understand the software whenever we need assistance.  Eventually, we gave up on the case and used a workaround of excluding *.tmp files from on-access scanning.  Not ideal, but better than filling our file server with useless files.

Anyone else encounter this and if so, any luck on a better solution?



This thread was automatically locked due to age.
Parents
  • 0

    We are also seeing this same issue on a brand new build.  Do the ntfs permissions matter?  Referencing our ticket number - [#6860243]

  • 0 in reply to Aldo Cabrera

    I wish I could help, but the only answers I got from Sophos was from *unofficial* support.  They gave the following options:

    1. Set On-Access scanning to Read only
    2. Disable "SMB2 and SMB3" on the network shares.
    3. Disable Opportunistic Locking on the network shares.
    4. Disable Access-based enumeration on the network shares.

    Since none of these were ideal for our environment, I opted to disable scanning of *.TMP instead.  They said a fix isn't on the roadmap until late 2017 at the earliest.

Reply
  • 0 in reply to Aldo Cabrera

    I wish I could help, but the only answers I got from Sophos was from *unofficial* support.  They gave the following options:

    1. Set On-Access scanning to Read only
    2. Disable "SMB2 and SMB3" on the network shares.
    3. Disable Opportunistic Locking on the network shares.
    4. Disable Access-based enumeration on the network shares.

    Since none of these were ideal for our environment, I opted to disable scanning of *.TMP instead.  They said a fix isn't on the roadmap until late 2017 at the earliest.

Children
No Data
Unfiltered HTML