Hello everyone,
I'm currently running a PoC with FortiEDR (5.2.0) and face a strange issue.
Clients are running in simulation mode, then we are adding exception before moving to protection mode (as expected).
But at a point, and not on all endpoint (4 out of 100), some of the application start to crash on the endpoint. Removing the exceptions restore the situation.
--> This seems that the evaluation of the rules makes FEDR to crash and by side effect, crash the inspected application.
Has anyone encounter a similar behaviour ?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello suniokera,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hello suniokera,
We are still looking for someone to help you.
We will get back to you ASAP.
Regards,
Hi suniokera,
I'm sorry this is taking longer than expected. We're still looking for someone to help.
Kind regards,
Hi Suniokera,
This is certainly unexpected behavior. When this issue occurs, do you see any minidump files created in C:\Windows\Minidump\ for FortiEDR Collector or for the other application which appears to crash?
Separately, I'd like to understand the following:
1) When FortiEDR is running along side this application with an exception (in Simulation mode), how long does it take for the application to crash? A rough indication is fine here, I just want to know if it occurs every few minutes or every few days.
2) When FortiEDR is running along side this application without an exception (in Simulation mode), how long have you observed the application without seeing a crash?
Cheers,
-Luke
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1702 | |
1092 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.