Carbonblack sensor and Server Security causing BSOD during reboot
When both products, Server Security and CarbonBlack sensor, are installed on the same server, BSOD occurs on every reboot. The problem is related to Windows Firewall. Existence of our drivers/services increases the chance of an MS bug to appear. Possibly our services issue some specific network requests, which cause memory corruption in the Windows firewall engine (memory corruption goes very deep into MS code of the firewall). This is an essential bug in the MS engine (possibly even a security vulnerability if such memory corruption could be made on request). This has been already reported to Microsoft. The workaround/solution is to stop MS firewall before reboot or try to relax/change firewall rules on the server. More information about Carbon Black: https://www.carbonblack.com/
Article no: 000016167
When a Citrix application is published for end users, traces of the server's F-Secure Server Security session also follows. Visible effects are:
when the user logs off the Citrix session, the F-Secure process fshoster32.exe remains running an F-Secure system tray icon becomes visible on the end-user's desktop performance degradation due to many fshoster32.exe processes running.
When the user's fshoster32.exe process is ended manually on the Citrix side, the icon disappears and the user's session closes.
For more information about this situation and a suggested registry change that can be used to end processes together with the main executable, read the following Citrix knowledge base article: Graceful Logoff from a Published Application Renders the Session in Active State. The following registry key has been confirmed by customers: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Citrix\wfshell\TWI Value Name:LogoffCheckSysModules Type:REG_SZ String:fshoster32.exe Make sure to familiarize yourself with the information from Citrix before making any changes to your environment. Also, confirm with a small scale test before pushing changes to production.
Article no: 000015484