This article refers to newly introduced software conflicts between the Umbrella roaming client software and Windows 10 version 1809. If you are considering updating to Windows 10 version 1809 (October 2018), please read this article for more information.
Windows 10 version 1809 and the Roaming Client
Windows 10 version 1809 brings support for new security minded features such as built-in sandboxing. In order to enable these features, Microsoft makes use of the Hyper-V infrastructure it has developed for server-hosted virtualization. In order to enable local virtualization, the Hyper-V (default switch) network interface has been deployed and enabled by default in Windows 10. Workstations updating to this version will notice the new NIC after the upgrade has completed, even if the Hyper-V role is not enabled.
The presence of this Hyper-V NIC with implied network sharing is currently known to cause interoperability challenges with the roaming client. At this time, the AnyConnect Roaming Security Module is not known to be affected.
- High CPU load for dnscrypt-proxy.exe
- Excessive repeated DNS queries to local DNS, for example:
- WPAD queried: wpad.<domainsuffix>
- Intermittent local DNS interruptions
These impacts may be isolated to the workstation; however, in some cases the additional DNS traffic caused by this interaction may overwhelm local DNS servers.
To confirm that the roaming client-Hyper-V interactions are the root cause of these symptoms, there is a simple confirmation test:
- Open up the network and sharing center
- Click to view network adapter settings
- Disable the Hyper-V network adapter
- Confirm if all symptoms immediately disappear.
At this time there are steps that may be taken to minimize these impacts while the Cisco Umbrella team develops a permanent resolution. To learn more, please contact the Umbrella support team at firstname.lastname@example.org.