Zero-Trust Application Service Issues

Applies To: Endpoint Security Elite This topic applies to Endpoint Security Elite., Endpoint Security 360 This topic applies to Endpoint Security 360., Endpoint Security Prime This topic applies to Endpoint Security Prime., WatchGuard EDR This topic applies to WatchGuard EDR.

The Zero-Trust Application Service tracks the activity of programs on your computer and immediately blocks any malicious programs. For more information, go to Configure the Zero-Trust Application Service.

When you use the Zero-Trust Application Service, you might experience one or all of these issues:

• High system resource usage that causes your computer to run slowly.
• An error shows in the Zero-Trust Application Service dashboard.
• Compatibility problems with third-party software.

To troubleshoot, you must determine whether the issue is because of the firewall infrastructure that Zero-Trust Application Service enables or because of Zero-Trust Application Service itself.

Firewall Issues

To see whether the firewall on the computer causes the issue, in the Endpoint Security management UI, move your computer to a profile where you can disable the Zero-Trust Application Service toggle, and enable Firewall > Enable the Firewall. If the issue returns, you can conclude that the firewall settings cause the issue.

If you want to report a firewall issue to Support:

• Use the PSInfo tool to gather support-related information.
• Use the NNS Firewall Diagnostics tool to create a firewall NNSDiag diagnostic log.

Zero-Trust Application Service Issues

If the firewall does not cause the issue, the Zero-Trust Application Service might be the cause. If you want to report a Zero-Trust Application Service issue to Support:

• Use the PSInfo tool to gather support-related information.
• Use the PSerrortrace tool to generate a diagnostic file.
• Enable Support Access to your WatchGuard Cloud account.

To troubleshoot the Zero-Trust Application Service issue:

• Disable the Anti-Exploit > Code Injection toggle, and enable the Zero-Trust Application Service toggle. After the changes are applied, restart the computer. If the issue persists, contact Support.

• If the step above resolves the issue, then it means there is an application that fails in the Code Injection module. You must exclude that application from the Code Injection module, then restart your system.

  To exclude an application, you must end the process for that application. In Windows, you can use Task Manager > Processes to identify and end a process.

  For more information about how to exclude the applications, go to this Knowledge Base Article.

  If the issue resolves, we still recommend that you contact Support to solve the issue permanently.

  To report an issue to Support:

  • Use the PSInfo tool to gather support-related information.
  • Use the PSerrortrace tool to generate a diagnostic file.
  • Collect a dump file when an application fails in the Code Injection module. For more information, go to the Collect a Process Dump File On Demand section of the Troubleshoot Process Dump Files topic.
  • Enable Support Access to your WatchGuard Cloud account.