Jump to content

Endpoint Scan window


Recommended Posts

A few features that were slated for Nov. 15th had been pulled due to showstoppers. Those were fixed and sent out on Nov. 27th to finish the release update. There was a change included with the Incident Response for Windows, where a scan dialogue window was incorporated. If the user initiates the scan, they can cancel it. This is popping up on your server because one of your users started a scan.

Remove the software from your Citrix server or disable the incompatible roles. Citrix and Terminal server's can only use the Exploit protection feature, create a new group and policy for these servers and keep the Web and Malware pieces disabled as they do not support the role, and the Ransom protection should also be disabled as it does not support server OS.

Link to post
Share on other sites

Thanks djacobson... that's the exact opposite to what the sales guys told me yesterday when I raised issues with them.


Thanks very much for your continued responses, but trying to deploy this product really is getting to be a shitshow. Conflicting and out of date information, no one 'true source' of what is correct and what is not...


Do you have any insight into why RDS should be different from Citrix (I'm specifically referring to XenApp)? I'm assuming it's an issue with multiple user sessions, but if that's the case then RDS and XenApp would be functionally the same?


I'm also pretty pissed off that the (quite frankly, glaring) limitations weren't communicated when we trialed the product. Can you confirm whether up to date information is being passed to sales teams, or is there any escalation process to talk to someone who has the full facts as to what the product does and does not support?


I am of course raising ALL of these issues with the sales guys I'm talking to, but they don't seem to have the answers either.

Edited by MarkFleming
Link to post
Share on other sites

The sales team have resources for this when you are running a trial setup and encounter problems before closing, they are called the sales engineering team, SE's, they usually go over the more nitty gritty details that a sales agent most likely will not know about, since they aren't system admins, or as technically versed like someone deeper in the IT field.

RDS itself used to be in the same boat as Terminal and Citrix but was recently cleared with the release of MBEP's version of Anti-Malware tech within it. Terminal is being tested, though no date has been given. The status for Citrix, if and when it will be supported, is not known to me, though I can try to get an official statement from our Product Managers.

The issues are related to the multiple user sessions in two ways. On the technical side, each time a user connects, it generates another instance of the realtime process, which can bring a server down due to resource usage issues, if enough users are connected to eclipse the server's available resources. The other side is account management and licensing for a setup like that, this needs to be solved as well. If you are able to install and run the protection locally for the endpoints, that is supported, though if you have very minimal thin client setup, or have it so all applications and user profiles run from the Citrix server, I understand that is not going to be an option.

Link to post
Share on other sites

Thanks for the explanation.


Any idea why RDS is cleared but Citrix is not, given that they are both multi-user OS's and will both run a process per user? Is it just a case of it still being run through testing to make sure it is OK, or are there active known issues with running EP on XenApp?


I would love to have some clarity from the Product managers or the SE team...

Link to post
Share on other sites

Ok..  I may have initiated the scan and canceled.  The icon in the tray from the Citrix server is being passed to the clients.  So on my client computer it shows 2 or more Malwarebytes icons depending on the number of citrix servers they are connecting to.   Is there a way to stop that?

Link to post
Share on other sites

@MarkFleming only that RDS was tested, the ok was given for MB3 based tech of the MBEP product, I do not know the reason why RDS is ok but Citrix is not. RDS is still not supported for the MBMC version of the product.We are tracking this in order to feed info back to the development team about how people have it configured


@EdwardQ we will need to open a real ticket for that, please email corporate-support@malwarebytes.com. I have never heard of or seen that issue before. This will be something that will go to the development team. While Citrix is not supported right now, it can still give the dev team valuable info for when we try to bring support to Citrix.

Link to post
Share on other sites

  • 2 months later...
  • 1 month later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.