How to troubleshoot LSP interactions with Endpoint Security and Control / Endpoint Protection

  • Artikel-ID: 111225
  • Bewertung:
  • Der Artikel wurde von 10 Kunden mit 1.0 von 6 bewertet
  • Aktualisiert: 09 Sep 2015

The Web Filtering feature in Endpoint Security and Control uses a Layered Service Provider (LSP) to integrate with networking applications such as Internet Browsers.

Occasionally LSPs used in other, non-Sophos software, may affect the performance of such applications and cause unpredictable behavior due to a conflict. This article is intended to help identify if such a conflict is occurring.

The article explains how to identify the exact issue; confirm if the Sophos LSP is involved; check if the problem is a known incompatibility and if not (or required), provide the necessary logs for Sophos Technical Support to troubleshoot further for you.

Applies to the following Sophos product(s) and version(s)
Sophos Anti-Virus for Windows 2000+ 9.7.7
Sophos Anti-Virus for Windows 2000+ 9.5.5 VDL4.74G
Sophos Anti-Virus for Windows 2000+ 10.2
Sophos Anti-Virus for Windows 2000+ 10.0.9

Step 1. Identify the issue

Possible LSP related issues are reflected in any of the following behaviors in your internet or network applications:

  • apparent loss of connectivity
  • slowness
  • general unreliability

Step 2. Verify whether the Sophos LSP is involved in the issue

  1. Isolate a computer that reproduces the issue consistently.
  2. Disable the Web Filtering feature via the console, or see article 116970.
  3. Reboot the computer.
  4. When Web Protection is disabled, the LSP is also completely disabled and it no longer appears as a running process.

Check whether the application is still showing the same behavior:

  • If the issue is still apparent then the Sophos LSP is not the cause of the problem.
  • If the issue no longer occurs, our LSP may be involved, so you should proceed to step 3.

Step 3. If the Sophos LSP is involved, check whether we know about the interaction already

We've published a list of the LSPs that we know about, and have reported which ones we think are okay and which ones are not. Please check these lists before proceeding:

Possible interactions between third-party products and the Web Protection feature in Endpoint Security and Control 9.5.

Possible interactions between third-party products and the Web Protection feature in Endpoint Protection 10

  • If your application is not on this list, or if it is, but we've identified it as being okay, please proceed to step 4 in order to submit the information needed for further investigation.
  • If your application is on this list, and it is not compatible with the Sophos LSP, proceed to step 5 in order to work around the problem.

Step 4. Capture log files and submit to Sophos

  1. Close the application that is experiencing issues.
  2. Download and extract DebugView from SysInternals from: to the desktop.
  3. Run DebugView and click capture.
  4. Run the affected application whilst capturing is occurring, close again once the problem has occurred.
  5. Click Save to output the log to a file.
  6. Run the Sophos Diagnostic Utility on the affected computer
  7. Go to and create a new case.
    1. include a detailed description of how the issue is reproduced and what the unexpected effects of the problem are. Please always include the version of the affected applications.
    2. Attach the logs that you have collected:
      • SDU logs
      • the DebugView log
    3. Attach a copy of the 3rd party application's installation program.

Note: For more information on DebugView see article 119577.

Step 5. Implement a workaround

As Web Filtering is a component in your security suite, we recommend that whenever possible this feature should be enabled. 3rd party software that is involved in the incompatibility should be disabled or removed.

Wenn Sie weitere Informationen oder Unterstützung benötigen, wenden Sie sich bitte an den technischen Support.

Artikel bewerten

Ungenügend Hervorragend