So its better to keep WFP driver option disabled in AdGuard with KES installed, right?
- Status
- Mar 17, 2014
- 575
Though it was working fine with KES, for now I have disabled it.
- May 23, 2014
- 96
I use Kaspersky Endpoint Security & there is no SSL scan in Kaspersky Endpoint Security.
So does this means I can safely enable Adguard WFP Driver option with Kaspersky Endpoint Security installed?
- May 23, 2014
- 96
Yes, the issue exists with SSL scan only.
How does Adguard determine to enable/disable WFP Driver option?
Like I have Kaspersky Endpoint & it doesn't have SSL scan so why WFP Driver option was disabled in Adguard?
- May 23, 2014
- 96
It simply detects Kaspersky products by the process name when AG is installed. It does not dynamically disables WFP so if you install AG before Kaspersky, WFP driver will be enabled.
So wont that be a prob for Kaspersky Internet Security users or Adguard users?
And in one of your posts in this thread, you have mentioned the prob is specific with Kaspersky & Eset products coz of their WFP drivers.
What about other products like Avast, etc... that do HTTPS scan?
I mean Avast or any software with HTTPS scan install their certs & Adguard installs its certs for HTTPS scan, what happens when 2 or more certs are there for HTTPS scan?
Last edited by a moderator:
- May 23, 2014
- 96
Yep, there could be an issue. That's why we want to implement some kind of a compatibility check.
But more than that we want a new network driver with all these incompatibilities resolved
. It's just not easy.No issues with Avast. HTTPS scan problem is just a consequence of another issue. Let me tell you the details then.
The problem with them is that to function properly we have to change the drivers order. If we don't do it some connections will stuck due to an old WFP bug which is not handled in their drivers.
In normal situation the drivers sequence looks like this:
Incoming packet
Network --> Adguard driver -> Other driver --> Browser
Outgoing packet
Browser --> Other driver -> Adguard driver --> Network
To overcome that issue we have to change the order:
Incoming packet
Network --> Other driver -> Adguard driver --> Browser
Outgoing packet
Browser --> Other driver -> Adguard driver --> Network
The problem with this drivers order is that it breaks SSL handshake (Adguard expects to get an answer from remote server but it gets an answer from KIS driver and vice versa).
I am noticing Adguard at times does slow down browsing. When you look on the browser status bar, you see "waiting for local.adguard.com".
I meant at times it takes quite a few secs showing waiting for local.adguard.com
- Jan 14, 2015
- 1,761
Same here no slowdown visible. I am yet to actually see message of local.adguard showing up at all.
- May 23, 2014
- 96
local.adguard.com is a virtual domain, in fact there is no remote connection. I remember you use KES, I wonder if there's any connection?
Could you please try the latest beta and see if it happens again? We've made some important changes in the network filtering code, it could also solve this issue.
- Aug 2, 2015
- 4,286
- Status
