Previous known issues

Agent-created simple firewall port exceptions do not block as expected [VPBAGENT-4209] 

When simple firewall port exceptions are created, VIPRE does not block as expected.

Workaround: Create an advanced firewall exception

Navigate to the Advanced Exceptions screen in the VIPRE Agent, then select Help for detailed instructions.

1. Open the VIPRE Agent
2. Navigate to the Advanced Exceptions screen:

1. Click Firewall > View Settings
2. Under the Firewall section, click Exceptions...
3. Click the Ports tab > Add Advanced....

You can add Advanced Exceptions from this screen. For detailed steps on adding Advanced Exceptions, click the Help button on this screen.

Agents running Windows Server 2019 do not reboot when clicking "Reboot Now" on a VIPRE Reboot Required condition [VPBAGENT-3920] 

This is a condition that occurs due to changes in Windows Server 2019 security settings.

Endpoint devices running Windows Server 2019 will not reboot when the "Reboot Now" button is selected unless the user account is added to a specific Windows Local Security Policy. The default "Administrators" group cannot restart the Agent using this method.

Workaround 1: Add the user to the "Shut down the system" policy

To add a user account to the "Shut down the system" policy

1. On the Agent machine, open the Windows Local Security Policy
2. Add the required user account to the "Local Policies" > "User Rights Assignment" > "Shut down the system" policy
3. Sign Out and Sign In to the machine (or reboot) for the policy change to apply

The next time VIPRE requires a reboot, the modified user will be able to reboot the computer using the "Reboot Now" button.

Workaround 2: Restart the Agent manually

Instead of using the Reboot Now button, users can manually restart the Agent through the Windows Start menu.

Device Control lists some devices as having an incorrect or unknown device type [VPBAGENT-4004] 

Although Windows Device Manager shows the correct device type, Device Control lists some devices as incorrect or unknown device types. Therefore, incorrect and unknown devices will not apply any Device Control access permissions as expected.

Workaround for Printers: Due to how Windows defines device classes when you restrict access to model IDs in the "USB Printers" category, Device Control also denies access to network printers. Using this method, you may add exclusions for specific network printers.

To exclude a network printer using the USB printer category

1. Navigate to Policy > Device Control tab
2. Locate the network printer that is showing as an "Unknown device"
3. Note the Model ID from the Model ID column
4. Add an exclusion for this Model ID under the USB Printers category

Firewall trusted zones defined with IPv6 address ranges do not work [VPBAGENT-3187] 

The VIPRE Agent does not recognize IPv6 trusted zone ranges and treats any IPv6 traffic as non-trusted. Therefore, any firewall rules for non-trusted traffic will still apply.

There is no known workaround at this time.

Logging into a Citrix device with Active Protection enabled fails [VPBAGENT-275] 

This is a known conflict between VIPRE Active Protection and Citrix User Profile Management (UPM). Attempting to login to a Citrix device with both services enabled causes the login to hang and eventually fail.

Workaround: Temporarily disable Active Protection for Agents that need to access Citrix devices.

Outdated Citrix drivers may cause BSOD on Windows 7 agents 

Updating a Windows 7 agent to VIPRE Endpoint Security 9.6 or earlier can cause a blue screen state on systems with older versions of Citrix drivers on them.

Workaround: Updating the Citrix driver should resolve the issue.

Microsoft Windows Defender continues to run even if the policy has Disable selected 

For policies applying to machines running Windows Server 2016 or higher, selecting "Disable Windows Defender" does not actually disable Windows Defender.

Workaround: You may manually disable Windows Defender on these machines. Refer to these articles for more information:

• Disabling Windows Defender Antivirus on Windows Server 2016
• Microsoft TechNet article: Windows Defender Overview for Windows Server

VIPRE Business or VIPRE Business Premium agents on version 9.3 or earlier that are scheduled to upgrade to VIPRE Endpoint Security will not fully upgrade on the initial install 

VIPRE has added multiple driver updates that are included with this release. Depending on the version of the drivers on your system and which features are enabled in your policies (e.g., Device Control), installation may require two or more reboots to complete the agent upgrade.

Workaround: Make sure any required reboots are completed. For the corresponding agent, check the Console > Agent Details > Agent Environment tab and verify the "Needs Reboot" column is not marked with an "X".

When changing Active Protection settings within a VM environment, the changes take up to 15 minutes to apply 

This is normal, as communication between the Console > VM takes some time to propagate.

When VIPRE scans an email archive, files are not quarantined properly 

Workaround: Through your email client, perform a manual cleanup of the email archive containing the infected email. Once the infected email has been removed, re-scan the endpoint to confirm the removal.

When managing over 500 agents, a full SQL database should be implemented [Best Practice] 

It is recommended that when managing over 500 agents, a full SQL database (versus SQLite) will provide the best performance. 

See the following support article: Recommended SQL Server settings for a VIPRE Business Database

VIPRE Endpoint Security agents cannot run on Windows XP or Windows Server 2003 

The software limitations of these older platforms do not provide the resources necessary for some more robust agent features. VIPRE Endpoint Security requires a minimum OS version of Windows Vista or Windows Server 2008.

Attempting to launch more than one instance of the administration Console (via terminal services) causes agent > Console communication to fail 

This is a product design safeguard that prevents one administrator from overwriting a different administrator's settings without notification. Only one instance of the admin Console should be running at a time.

Push agent installations do not work if Simple File Sharing is enabled 

Simple File Sharing prevents installation through the push option. You must manually create the MSI installer package and deploy the installer to the workstation.

See the following support article: Minimum Requirements for Agent Push Deployment

Without proper firewall configuration, agents are unable to contact the Console 

An incorrectly configured firewall can prevent communication between the agent and the Console.

See the following support article: Minimum Requirements for Agent Push Deployment

Device Control policy changes may require an agent restart before they take effect 

On Consoles upgraded to 9.6 or earlier, policy changes will not be applied until the agent is restarted.

Workaround: Manually restart the agent to apply policy changes.

To manually restart an agent

1. Right-click on the agent in the grid
2. Select Issue Remote Restart Command

Anti-Phishing does not work if Outlook is open during the agent install. 

If Outlook is running when enabling Anti-Phishing in the VIPRE Console before pushing an agent installation, it will not function properly until Outlook is restarted.

Workaround 1: Shut down Outlook during agent installation when enabling Anti-Phishing

Workaround 2: Restart Outlook after agent install when enabling Anti-Phishing