
Turning on Web Protection destroys PC's

Hello. Yesterday I installed Sophos 9.5 and created a new AV and HIPS policy for a test group. As part of the group I turned on the new features, but under "web protection" I had left "block access to malicious websites" set to OFF. I decided to try this out, so I turned it ON and pushed it out to my test group. Seconds after the update, I had 3 machines crash with svchost.exe errors, and an NT AUTHORITY process with a 60 second countdown trying to shut the machine down.

We restarted these machines and now we can't log into them.  There are several svchost.exe errors and then random critical errors preventing us from doing anything on the machines.

On one machine I was able to boot with last known good configuration and recovered it.

These are Windows XP SP3 machines with the latest Windows updates.  No firewall or other AV turned on.

Anyone else have this problem?

:3825


This thread was automatically locked due to age.
  • Bob,

    After getting the details about the DLL issue last week, we did some further investigation and confirmed that the APC software was on all 3 of the machines that crashed. The 3 computers were used by the people testing the software from a few years back. APC also has a post about issues with third-party anti-virus spyware apps.

    We have successfully re-pushed Sophos to the one machine we were able to recover, with the Web filter turned off, and we had no issues.

    Thanks for the update

    Is there a specific DLL issue with the NVIDIA?

    :4347
  • Also having the same issues as described in this post. I installed the new version of Sophos to test before deploying it to all of our workstations, installed it to a few test PCs fine, then installed it to my management station, and bang, as soon as the policies were deployed everything started crashing.

    My PC is the only Windows 7 machine and also has a lot of software most haven't, but luckily, with the Sophos Web Protection service crashing, it led me to this thread.

    Has anyone got a link to the APC post saying about the issues with third party anti-virus/spyware programs?

    :4355
  • Hi,

    Glad to hear the information was helpful to recover your PCs. Again, really sorry to cause you that pain; we tried very hard to learn as much about compatibility as we could before release. We are actively working on solutions to improve compatibility with the APC software as well as other third-party LSPs in general.

    Re: the NVIDIA incompatibility, the net results are quite similar (machines unable to reach the Windows login prompt successfully). It is specifically with a DLL named "nvlsp.dll" provided by NVIDIA's App Filter product. We learned of the incompatibility from a Sophos employee who had a similar experience with their home machine.

    We purchased an Acer Atom-based system with the NVIDIA Ion chipset for our compatibility testing, and we were able to see where the interactions went wrong and implemented a fix, to be released in 9.5.2. I suspect other manufacturers are also shipping products with the NVIDIA Ion chipset, but we didn't make an exhaustive search.

    Bob Cook

    Development Manager, Sophos

    :4357

    ---

    Bob Cook (bob.cook@sophos.com) Director, Software Development

  • InfraStruXure™ Manager v4.5 Release Notes

    Part Numbers Affected:

    • AP9420
    • AP9422
    • AP9420U
    • AP9423
    • AP9421
    • AP9423U
    • AP9421U
    • AP92200


    Minimum Requirements:

    Any one of the following browsers can be used when Javascript is enabled, and Java Plug-in (JRE) version 1.5 is installed:

    • Mozilla Firefox version 1.0.6
    • Netscape Navigator version 7.2
    • Internet Explorer version 6.0 (when the Active X component is installed and enabled)
    • Windows 2000 or Windows XP

    New Features:

    The following features were added to InfraStruXure Manager version 4.5:

    • Physical Layout view
    • Importation of ISX Designer configuration layouts
    • NetBotz products support (all)
    • Console Port Server support
    • Digital KVM support

    Layered Service Provider (LSP) and The InfraStruXure Manager client:

    The InfraStruXure Manager client installs a Layered Service Provider (LSP), pl15w2sp.dll, on the client machine on which it is installed. This LSP allows the InfraStruXure Manager client to communicate effectively with devices residing on InfraStruXure Manager APC LAN. Due to the nature of the LSP interaction with the client machine's network communications, some anti-spyware applications may alert you when this software is installed. The DLL that is installed with the InfraStruXure Manager client (pl15w2sp.dll) is digitally signed by American Power Conversion, and is solely for the purpose of communicating with devices on the InfraStruXure Manager APC LAN. If you choose to not allow this component to be installed on your client machine, you will not be able to launch to device detail screens for any devices that reside on the APC LAN.

    :4412
  • Hi Bob

    Is there any update on this? Have you managed to make the two compatible, or do I still need to make sure the PCs with the APC software on don't get the web protection installed?

    Thanks

    Alex

    :4730
  • Hi Alex,

    Our testing with the APC software shows there really isn't a practical way for our software to work with their software, given how our software is built today. The LSP from APC simply does not operate correctly with other similar LSPs installed (even the Windows Parental Controls on Vista Home or Vista Ultimate fails to work successfully with their software as well).

    In the 9.5.3 update we are introducing a mechanism to detect incompatible LSPs and notify administrators when the Web Protection feature is enabled. Our LSP will not be activated when we detect one of these incompatible LSPs, thus avoiding the very bad experience of being unable to boot the PC.

    Update re: the NVIDIA App Filter LSP mentioned earlier in this thread - due to some unforeseen issues we will not be including a fix in 9.5.2 as planned. This fix has been scheduled for 9.5.4. Apologies for the inconvenience.

    Thanks,

     Bob Cook
    Development Manager, Sophos Vancouver

    :4767

    ---

    Bob Cook (bob.cook@sophos.com) Director, Software Development
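
An added example, not part of the thread and not Sophos code: a pre-deployment check for the two LSP DLLs named above (pl15w2sp.dll and nvlsp.dll), done by parsing the output of `netsh winsock show catalog`. The sample catalog text and the function names are constructed for illustration; the field labels assume the English-language netsh output.

```python
import ntpath
import subprocess

# DLL names as given in the thread; extend the map for your own estate.
INCOMPATIBLE_LSPS = {
    "pl15w2sp.dll": "APC InfraStruXure Manager client",
    "nvlsp.dll": "NVIDIA App Filter",
}

# Constructed sample in the layout printed by `netsh winsock show catalog`.
SAMPLE_CATALOG = r"""
Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        MSAFD Tcpip [TCP/IP]
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1001

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Layered Chain Entry
Description:                        Example layered provider (constructed)
Provider Path:                      C:\WINDOWS\system32\PL15W2SP.DLL
Catalog Entry ID:                   1015
"""

def parse_catalog(text):
    # One dict of "Key: value" fields per Winsock catalog entry.
    entries, current = [], None
    for line in text.splitlines():
        line = line.strip()
        if "Provider Entry" in line and ":" not in line:
            # New entry header; skip name space provider entries.
            current = {} if line.startswith("Winsock Catalog") else None
            if current is not None:
                entries.append(current)
        elif current is not None and ":" in line:
            key, _, value = line.partition(":")  # first colon only, so C:\ survives
            current[key.strip()] = value.strip()
    return entries

def find_incompatible(entries):
    # Match on the DLL file name, case-insensitively, whatever the directory.
    hits = []
    for e in entries:
        dll = ntpath.basename(e.get("Provider Path", "")).lower()
        if dll in INCOMPATIBLE_LSPS:
            hits.append((e.get("Catalog Entry ID"), dll, INCOMPATIBLE_LSPS[dll]))
    return hits

def live_catalog():
    # Windows only: read the real catalog instead of the sample.
    return subprocess.run(["netsh", "winsock", "show", "catalog"],
                          capture_output=True, text=True, check=True).stdout
```

A non-empty result from `find_incompatible(parse_catalog(live_catalog()))` marks a machine to keep out of the group that has Web Protection turned on.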