Our support team may ask you to test disabling the Sophos Layered Service Provider (LSP) when investigating a technical issue. This article provides instruction on how to do this to ensure that the LSP is completely disabled. These steps are for testing only and should be undone once the testing is complete.
Applies to the following Sophos product(s) and version(s)
Sophos Anti-Virus for Windows 2000+ 10.0
What To Do
To disable the Sophos LSP locally on a single computer
Note: If enabled, Tamper Protection needs to be turned off to access all endpoint configuration option (even as an administrator).
- Open Sophos Endpoint Security and Control (right-click the Sophos shield and select 'Open Endpoint Security and Control').
- From the home screen, click 'Configure anti-Virus and HIPS'
- Click 'Web Protection'
- Select Off in both drop down boxes (Block access to malicious websites and Download scanning)
- Click OK
- Click the Configure tab and select Web Control
- Ensure this is not ticked
- Reboot the machine
To disable the Sophos LSP from the Enterprise Console
- Open the Sophos Enterprise Console
- Under policies, Anti-Virus and HIPS, right click on Default and select View/Edit policy
- Under Web protection, select Off for both drop boxes (Block access to malicious websites and Download scanning)
- Click OK
- Repeat for all other Anti-Virus and HIPS policies if necessary (though you may wish to amend just one group for testing)
- Under Web control, right click Default and select View/Edit policy
- Untick Enable web control
- Click OK
- Repeat for all other Web Control policies (if just editing one, please ensure the policy is applied to the same group as the Anti-Virus & HIPS policy you amended)
- Reboot the applicable machines
This will ensure that our services are in the correct state before reboot, and then, after reboot, will unregister the LSP cleanly. These steps can be followed if you wish to disable the Web Protection feature on the client machines (not recommended as a long term solution) or determine if the LSP is the cause of any issue you are experiencing.
For further details on how to amend a policy in the Enterprise Console refer to the Enterprise Console policy set up guide