Citrix shadowing with trend micros deep security policy applied

Posted on 2011-10-07
Last Modified: 2013-11-22
can anyone help please.

i have recently installed Trend micros Deep Security Anti-malware, i am confident everything is setup and configured correctly.  my users work within a citrix / terminal server environment.

after installation and after applying the deep security anti-malware security policy i have noticed that it is not possible  to shadow a users session again within citrix.  if the deep security policy is removed everything works ok and shadowing works as normal, if the policy is re-applied shadowing again fails, if the policy is removed again it works, i have done this many times and it is consistant.

what happens when the policy is applied and shadowing is attempted is that a command prompt screen pops up and the session appears to be locked, at this point the only way to continue is to reset the citrix session.

i have purchased Deep security only for the anti-malware option and i do have a full license for this, i do not have a requirement for any other aspect of this product like firewall, however, my deep security manager does still have a trial license still running for all options.

i have spoken to Trend about this and they do say to make sure all options (other than anti-malware) are disabled, i have done this and i can confirm that all options other than anti-malware are disabled but shadwing still fails when the anti-malware security policy is applied.

has anyone experienced this problem, could someone help please.

any help would be appreciated.

one last thing thing, my citrix servers are running on VMware esxi 4.1 but i dont think this has any bearing on the problem, just thought i would mention it.

Question by:winterp
    LVL 25

    Expert Comment

    It sounds like there is a firewall component.

    It may not be enough to just disable this module as that tends nowadays to put them into lockdown mode. I would set up a rule to allow the shadowing ports through.

    From memory, the shadowing uses the file sharing ports - when you're unable to shadow, can you access share on/from the Citrix servers?

    Author Comment

    Hi Tony
    thanks for you reply.
    like you i still believe its a firewall problem and yes i can access the file shares.
    its interesting to note (sorry i forgot to mention this in my original post) that, its possible to shadow a user session if your on the same server but not from two different severs when they have the policy applied.
    i will see if i can find the port and setup a policy to allow that port.
    LVL 25

    Expert Comment

    Hmm in that case, it may well be that Trend is actually applying a policy at the hypervisor firewall.

    Here's some info:

    Accepted Solution

    Bingo problem solved.
    Here are the details
    The Problem appears to be with EPSEC driver from VMware and that vShieldManager has a problem scanning SMB shares.
    Follow these instructions from Trend Micro and it should work, it did for me.
    Thanks for everyone’s help.

    Author Closing Comment

    thanks for everyone's help problem now fixed, while the last post from the expert did not solve the problem it did help

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive Gives IT Their Time Back

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    #Citrix #Citrix Policies #XenDesktop #VDI #POC #Citrix Univeral Printer Driver #Citrix UPD
    Create your own, high-performance VM backup appliance by installing NAKIVO Backup & Replication directly onto a Synology NAS!
    Teach the user how to delpoy the vCenter Server Appliance and how to configure its network settings Deploy OVF: Open VM console and configure networking:
    Teach the user how to convert virtaul disk file formats and how to rename virtual machine files on datastores. Open vSphere Web Client: Review VM disk settings: Migrate VM to new datastore with a thick provisioned (lazy zeroed) disk format: Rename a…

    737 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now