Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Ironport Not Updating (some)

I am having issues with upgrading of current version.  The feature keys are within date and do not expire until next year.  It seems some are being updated and others not.


I am able to update for -

Ironport Anti-Spam - [All forced]

Sophos Anti-Virus - Sophos Anti-Virus Engine [Forced], Sophos IDE Rules [Auto]

Email encryption settings - PXE engine [not at all]

Outbreak filters - [All forced]



Security Services - Service Updates

Update Server (images):Dynamic (Cisco IronPort Update Server)
Update Server (list):Dynamic (Cisco IronPort Update Server)
Automatic Updates:Enabled
Update Interval:5m
HTTP Proxy Server:Not Enabled
HTTPS Proxy Server:Not Enabled




Community Member

I am having the same issue

I am having the same issue but it looks like only the Sophos engine is not updating.  I tried rebooting the appliance but same result.  Also we have two appliances and getting the same issue so it may be something with the update site.


After typing this reply I found this on the community site:

Community Member

I have the same error.  Cisco

I have the same error.  Cisco informed me via email that they are aware of the issue.


Cisco is currently aware of a problem with customers receiving an alert(s) that their Email Security Appliance (ESA) Sophos Anti-Virus Database has expired. Customers who have appliances running Sophos SAV Engine Version may receive these alerts starting on May 16,2014.


The Sophos Anti-Virus engine is still processing and scanning emails although this alert is present.  At this time, customer interaction in not needed.  Engine and IDE updates are still processing.  The IDE serial timestamp will increment and be represented from the latest updater download. 


To see the output please use one of the following methods:


From CLI: ‘antivirusstatus sophos’

From GUI: Security Services -> Anti-Virus/Sophos


An example of the IDE Serial is shown below:

IDE Serial              2014051603


We will continue to monitor the issue and provide an update on this issue via this case if requested.  If you would like to monitor the situation, the following link will be updated as additional information comes available:"

Cisco Employee

Yes - we are aware, and

Yes - we are aware, and working to get this addressed.

Just assure that your IDE serial timestamp is up-to-date as stated w/ the opening notification on the main forums page...


Community Member

Aaron.buss mentioned he

Aaron.buss mentioned he received a notification email for this issue. How do I get signed up to receive these types of notifications? I am signed up to receive alerts using the Cisco Notification Service, but I'm not sure that's how these types of notifications are generated.

Community Member

Second time in less than a

Second time in less than a month that the updates have had issues! no



Cisco Employee

Correct - and we do apologize

Correct - and we do apologize.  If there is anything I can do, please message me direct, and we can open a dialog on this.  Our management and team globally are working to address issues like this.


CreatePlease to create content