Dell Endpoint Security Suite Enterprise and Dell Threat Defense Known Incompatibilities with Memory Protection and Script control

Dell Endpoint Security Suite Enterprise and Dell Threat Defense Known Incompatibilities with Memory Protection and Script control


This article provides information on Dell Endpoiont Security Suite Enterprise application crashes and system lock ups.


Affected Products:

Dell Endpoint Security Suite Enterprise




When Memory Protection or Script Control is enabled on some systems, it can sometimes cause a conflict with other applications running on the device(s). This conflict is usually due to Advanced Threat Prevention injecting into certain processes that are being called by other applications on the device. Depending on the environment and the application, this can sometimes be resolved by adding in specific process exclusions to the device policy. However, if exclusions are not effective, it is recommended to disable Memory Protection and Script Control to restore normal system functionality.

Note: Memory Protection and Script Control use the same core functionality. If you are disabling features while troubleshooting, make sure both Memory Protection and Script Control are disabled.

The software applications below have been known to cause conflict when Memory Protection or Script Control is enabled. The associated CHP tickets indicate that the issues are currently being investigated by the Advanced Threat Prevention team. As the issues are addressed and fixed in future releases, Advanced Threat Prevention team will notify all users via release notes.

  • Citrix VDI and other related Citrix applications
  • Hyper-V
  • AppSense
    • Possible workaround: Apply memory exclusion for explorer.exe in the device policy
  • UniDesk w/ VMware View
    • Possible workaround: Disable driver ftsjail.sys (used by VMware for virtual scanner redirection)
  • VirtualBox
  • Citrix XenDesktop
    • Possible workaround: Uninstall the Citrix Offline Plugin (The file we've seen causing conflicts is RADEAPHOOK64.dll usually located in C:\Program Files (x86)\Citrix\System32) . Second alternative is to rename RADEAPHOOK64.dll once you are in the system
  • VMware ThinApp
    • Possible workaround: exclude the path location for VMware ThinApp as well as \windows\SysWOW64\rundll32.exe
  • McAfee Host Intrusion Prevention System (HIPS)
  • Windows Backup Application
  • SAP Application Server Processes.

For support, US-based customers may contact Dell Data Security ProSupport at 877.459.7304, Option 1, Ext. 4310039, or via the Chat Portal. To contact support outside the US, reference ProSupport’s International Contact Numbers. For additional insights and resources, visit the Dell Security Community Forum.


ID de l'article : SLN301521

Date de la dernière modification : 06/27/2018 10:34 AM


Noter cet article

Précis
Utile
Facile à comprendre
Avez-vous trouvé cet article utile ?
Oui Non
Envoyez-nous vos commentaires
Les commentaires ne doivent pas contenir les caractères spéciaux : <>()\
Désolé, notre système de collecte des commentaires est actuellement indisponible. Veuillez réessayer ultérieurement.

Merci pour vos commentaires.