DLP

Symptoms

  1. After update to C21.02 Agent build (15.0.26473) with Agent for Data Loss Prevention (registered as DeviceLock Service in the Services.msc snap-in) Hyper-V host periodically crash with a BSOD.
  2. The issue does not occur without DeviceLock Service running (see KB68145).
  3. Blue screen of death refers to DeviceLockDllDrv.sys driver.

Symptoms

AnyDesk application cannot establish connection with a remote host if NetworkLock settings are configured in DLP policy.

Cause

DeviceLock uses its own certificate to encrypt SSL traffic while some applications can work with a predefined certificate only.

Solution

Create the following exception in Protocols White List: SSL for Everyone group

Hosts: *.net.anydesk.com

This article describes how to solve possible compatibility issues of Acronis DLP Agent with various applications.

Symptoms

After update of Acronis Cyber Protect Agent to C21.02 (or newer) with Agent for Data Loss Prevention (registered as DeviceLock Service in the Services.msc snap-in) some particular applications fail to start, or certain actions within an application are taking too much time or not possible to perform.

Due to the operation specifics of Acronis DLP modules, there are specifies limitations that are applicable to workloads where specific CPUs are installed:

Intel 11 gen and newer or AMD Ryzen 7 or newer. On these workloads the following functional limitations takes place: 

Device types and protocols (channels) that will not be controlled by Device control and Data loss prevention:

Symptoms

VirtualBox application fails to start after update of Acronis Cyber Protect Agent to C21.02 with Agent for Data Loss Prevention.

Cause

This is a known compatibility issue of Acronis DLP Agent with VirtualBox application.

Fixed in Acronis Cyber Protect Cloud 21.03.

Solutions

1. Update Acronis Agent version to 15.0.26614 from C21.03, or newer.

Symptoms

After deploying protection plan with Device control enabled, Google Chrome application begins to crash upon start, or whenever clipboard is used within the application. 

The same issue reproduces with Edge browser.

Cause

This is a known compatibility issue with applications implemented using CET technology.

Solution

Add Google Chrome process into Device control Exclusions list as per KB: https://kb.acronis.com/content/68519

Symptoms

After deployment of protection plan with Device control enabled, various applications (such as CMD.exe, PowerShell.exe, chrome.exe, and others) fail to start with The application was unable to start correctly (0xc0000142)' error.

Example:

Cause

This is a known compatibility issue of the latest generation processors with Control-flow Enforcement Technology (CET) and Acronis DLP hooking function.

Symptoms

When attempting to view Relation Charts using the DeviceLock Management Console, the charts are not visible. Instead, the following error message is displayed:

There is no data that meets your criteria.