5 Replies Latest reply on Dec 20, 2011 9:20 AM by brentil

    SAE 3.5 experience/issues


      I've installed the new SAE 3.5 on my machine as a testbed before deploying to our other test systems but from what I'm experiencing I have no desire to move forward with more testing.


      The documentation states in the installation area;

      • Mozilla Firefox 3.x or 4.x
      • Microsoft Internet Explorer 6.0 with SP1 or later (32-bit and 64-bit)
      • Google Chrome version 14


      It also states in the what's new area;

      • Support for Microsoft Internet Explorer 64-bit browsers
      • Support for Google Chrome version 13.0 or later
      • Support for Mozilla FireFox version 4.0.1


      Unless there is another KB that further defines this list I would then assume;

      • IE6, IE7, IE8, & IE9 support (as IE9 is not listed as not supported and is a 64bit & 32bit brwoser and has been out over 8 months)
      • Chrome 13, 14, & 15 support as "or later" is stated
      • Anything after FF 4.x is just SOL (even though their support for 4 has already ended with their new rapid release schedule)


      What I'm experiencing (post ePO policy review an configuration);

      • FF8
        • Obviosuly does not work, I didn't expect it too but it did install. 
        • It shows in the Add-On area as "IDS_SS_Name IDS_SS_Version" being the name of the product
      • Chrome 15
        • In GMail (or Live or SquirrleMail) I'm not being warned about malicious URLs inside of emails. 
        • Also when you click on a RED Blocked website it actually loads the page then reloads the block page where in IE it blocks outright.
      • IE9
        • In GMail I get the block message but it's all garbled in the upper bar area (see attached) and I do not get warnings in Live email. 
        • Also when I go to the ePO website that particular IE9 window uses 100% of one CPU even thoguh I've added the URL path to the internal ignore list.  Removing SAE 3.5 stops this from happening.
      • Outlook 2010
        • URL warning is working however if you click an email with a bad site it shows the warning but then if you click another folder and then come back to the folder the clicked email is on it shows the email without the warning.  You have to click off of the email and back on it again to get it to reshow.
        • 1. Re: SAE 3.5 experience/issues

          Of note ePO configuration changes do not seem to get picked up on the client end until the service restarts from either manually cycling it or rebooting the machine.

          • 2. Re: SAE 3.5 experience/issues

            Hey Brentil,


            I have just tested the IE9 and SAE+ 3.5 and also get my CPU spiking to 50%, very strange behaviour. This is with the out of the box policy so this is showing as an unknown site in the reporting. Ill try adding this to the 'allowed' policy see if that makes any difference.

            • 3. Re: SAE 3.5 experience/issues

              Made no difference, although I only seem to get the 50% CPU spike when viewing dashboards when browsing system tree or reports it drops back to normal.


              Also have seen the effect when the page loads (for example mail.google.com) and then is blocked a few seconds after in Chrome. This is good enough for blocked pages but obviously not ideal when a user visits sites which host malware.

              • 4. Re: SAE 3.5 experience/issues

                I am very confused about the FF version supported, i think the product still in phase beta, due the lack of functionality,  that is not an option to deploy in a production environment. I have the same experience, adding the web filtering for endpoint the test turn more interesting, the categories blocked shown in Siteadvisor like blocked but the page is shown without problem.





                • 5. Re: SAE 3.5 experience/issues

                  The 50% is because you probably have a dual core CPU and it's maxing out one entire CPU, thus 50% of the overall CPU usage.


                  I took and disabled it in IE9 because of this issue but doing so then disables it in Outlook too...