This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

freeze/thaw VSS failures when Sophos AV is utilized

Unitrends has an article (5520, https://support.unitrends.com/UnitrendsBackup/s/article/ka040000000PmjMAAS/000005520?_ga=2.69789140.576488646.1505169382-1745831295.1501935182) on getting freeze/thaw VSS failures on devices running Sophos A/V when doing backups. 

I've got one server experiencing this with Unitrends. I've got another server with Windows Server Backups that keep failing , but I haven't tried uninstalling Sophos on the 2nd one yet to verify that this this the same issue.

 

is there any official word from Sophos on this? Has anyone else experienced this? 

 



This thread was automatically locked due to age.
  • When can we expect an update from Microsoft? Within several weeks, months, years? We are experiencing problems since several months now.....

  • I can confirm this problem also exists on our Server 2016 Essentials with Acronis Backup 12.5 Standard Server. I disabled Tamper Protection and Sophos Health Service for now, but this leaves us in a very uncomfortable situation. Our customer has no internal IT and we provide all IT Services for him, but it is crucial for us to have all remote management informations. Now we are blind in terms of Sophos Server Protection.

  • Hi is there a time period where the problem will be fixed?

    Because this thread is open a very long time now.

  • Hi Everyone,

    I completely understand that this issue is open for quite some time. Microsoft is now working to release a fix and back-port the fix to Windows Server 2016. In addition to the fix from Microsoft, we have developed and are currently testing a workaround for the Sophos Central Server Protection product that will enable affected customers to configure the Sophos Health Service polling interval via a registry key, thus avoiding the conflict. We will provide a further update when we have confirmed dates for both the Microsoft and Sophos releases.

    Regards,

    Gowtham Mani
    Community Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • Any update on this? We are using Veritas Backup Exec and are experiencing the same issues on our test server. The server is Windows 2012 R2 and fully patched. When runnning manual backup is fine, but on first scheduled backup running at 11:30 at night these issues appeared.

  • Hi Robert,

    For now, if you're backup software can run a before and after script I would suggest having the before script stop the Sophos Health Service:

    sc stop "sophos health service"

    Then the after script can run:

    sc start "sophos health service"

    Of course, to be able to stop and start the service Tamper Protection would have to be disabled.

    In the next release of Sophos Health to server, I understand that via a registry key (to be disclosed) you can change the default Health registry write time from 15 seconds to a value such as 90 seconds.  This will workaround the Microsoft issue.

    There is a chance that Microsoft will fix the issue which will mean the above options are no longer required.  I guess the chance to Microsoft fixing the issue in 2012 is less than in 2016 but it may happen.

    Regards,
    Jak

  • Hi Robert,

    We have not received a confirmed update from Microsoft since we are currently expecting them to fix this flaw from their end via an update. However, it is expected to be released via RS5 update starting with Windows Server 2016, though we would still prefer to get a confirmed release information from Microsoft before we publish the fix details.

    We apologize for the time taken and request you to kindly help us with more time while we wait for confirmation Microsoft on the same. Additionally, Microsoft has not released any confirmation of a possible fix for Windows Server 2012 yet and hence requesting you to please help us with more time.

    Regards,

    Adithyan Thangaraj
    Community Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • Here are the steps for the Sophos workaround:
    https://community.sophos.com/kb/en-us/132691

    Regards,

    Jak

  • we are in 2019 already, and beside workaround of stopping the health service, I do not see a solution. Am I correct ?

  • Well Microsoft have declared they are going to fix the issue according to their KB article. For now you can create a registry key to alter the frequency of the transactional registry write performed by Sophos Health service  to work around the bug.