Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.

Just about every day PacketCapture.exe faults and then is followed by a string of NtxDrv errors

Created: 03 Sep 2013 | 3 comments

We have DLP 11.6.2 set up on a Win Server 2008 R2 64 bit box.  Originally we were going to use Endace cards until we found out they weren't supported and so switched to the napatech cards.  Pretty much since we got these boxes up and running a few months ago on the one of our two monitor boxes we've been getting PacketCapture faulting followed by a string of 4 - 7 NtxDrv errors.  Googling it doesn't reveal anything and I thought it might've been that we still had the Endace drivers installed but they're gone so there goes that theory.  Anyone have any idea what NtxDrv is?

Operating Systems:

Comments 3 CommentsJump to latest comment

S_A_M's picture

Hi,

I believe we have the driver version 4.22c ?? which ships with current Napatech packet capture cards has not been fully qualified with DLP 11.6x or lower product versions. The Windows Device Manager will show the driver version as 4.22.2.0 from the Network Connection Properties menu.  Using the latest 4.22c driver may result in unexpected behavior such as issues detecting network traffic or Windows system event errors. The recommendation is to use the certified 4.22 driver for DLP 11.6x and earlier versions of Network Monitor. Currently the 4.22c driver version for Napatech cards has been fully qualified for the 12.x version of DLP.

 

Thanks

Ariphaneus's picture

Whereas device manager does show our driver as Napatech, 5/13/2011, Ver 4.22.2.0 we have not had any issues as of today though it is definetly something to know and keep an eye on.  It is more the issue that packetcapture.exe restarts and then, according to the enforce console, goes looking for the Endace DAG drivers.  This then translates in the eventvwr to the packet capture falters and then NtxDrv errors that seem to correspond to the box trying to load the Endace drivers which were uninstalled.  Not sure what I'm missing.  Is there a path somewhere that needs to be changed?  And what is the certified 4.22 driver for DLP 11.6.2?