Friday, 19 November 2010

Sophos fire wall in SBE (Sophos Endpoint Security and Control)

I have had a problem in the in last few days where Sophos Client Firewall has stopped our Netscreen client VPN working on client PC’s running windows XP sp3.

We have contacted Sophos for support, as always deny any problem and have now sent some diagnostics to see where our software has gone wrong.

We have use Sophos SBE for nearly 3 years and as yet not had to many problems.

Does any one have any ideas why Sohos Client Firewall should suddenly stop VPN traffic on all our remote workers?
At the moment we don't have a lot of good things to say about Sophos UK Support.

Will keep you updated if we find a solution, we are looking a installing a different firewall to get us thru until Sophos sends a fix.

Well the response from Sophos has been poor, I get a feeling that they think their product would not cause any problems. Sophos fire wall installed Netscreen client VPN will not connect Sophos firewall unistalled it does. Currently using Zone alarm as a stop gap. Our remote workers are not remote workers without a secure VPN!

So why does Sophos firewall Kill Netscreen VPN?

Have decided to remove the Sophos Client Firewall (SCF)

Now unable to unistall the Client Firewall by add remove programs or msiexec.exe /qn+ /x {12C00299-B8B4-40D3-9663-66ABEA3198AB} /norestart
Sophos Support sent Script to remove Sophos products i.e. the SCF (Sophos Client Firewall)

Have now run the Sophos product removal tool to get rid of the fire wall (SCF) guess what I still have a broken firewall and antivirus. Autoupdate and Remote manager have gone.

So back to Sophos. I am not to sure what Sophos will do next, if their script can't do the job how can you get rid of Sophos. We have already rebuilt a couple of machines to get folks working.

Will be 7 days since the call was logged with Sophos Support.

Still have a Sophos Firewall (SCF) we can’t uninstall or remove Sophos have said that they are still working on the case.

I have now gone for the rebuild option to remove Sophos products.

We are still waiting for some help on the VPN issue. I have asked if the call has been escalated and how the escalation system works, no response to that question.

Has any body had a similar experience with Sophos support?

Our contract is due next year may be a time for a change.

Remote workers still not working remotely.

Well a week since a call was logged with  sophos, no solutions from Sophos. Still unable to force an uninstall of the Sophos Firewall. No feed back on teh VPN software issue.

I think the chap who is handling the call appearsto be none technical he seems unable to undertand basic IT. My current thoughts about Sophos UK support is very poor, Sophos have provided little feed back. I think Sophos Support are waiting for us to get fed up or fix the issue our selves.

My advice is if you want a supported Antivirus product don't get Sophos Firewall, as yet the support we have had has been very poor. I guess if we were a multi national with many desks the support from Sophos would have been better.

Well time to go no feed back today from Sophos Support, how hard can it be to provide advise on how to remove your own software.

2 Weeks since calling Sophos Support and I have resolved the issue my self

I think I have sorted the Sophos Vs Netscreen client VPN software problem.

Sophos Firewall creates some additional drivers when it detects the older version of Netscren VPN. These drivers can cause a blue screen (file reporting error SCFINT.SYS), if the XP machine blue screens go into Safe mode and stop the Sophos Fireall Services.

Restart normally.

Uninstall the Netscreen VPN client.

If you had to stop the Sophos Firewall services then restart them, and restart.

Hopefully will now restart.

To fix install the latest version of Netscreen Client VPN for your operating system.

Test to see if the VPN connection now works.

If all is well after a few Sophos updates you have fixed the issue.

As far as Sophos having a Sophos removal tool, it appears they don’t apart from add and remove programs.

I have been sent various things by email including and array of .reg files to remove reg keys.

I guess if you install Sophos software you are stuck with it until you rebuild.

No comments:

Post a Comment