10-25-2006 12:55 PM - edited 03-09-2019 04:40 PM
Noticed after a couple of days of operation that my Symantec and Microsoft automatic updates were not taking place. I added the respective servers IP address to my ACL containing the global pop3, smtp, ftp, and http to not match IP and put those in front of the pop3, etc... I then ran my liveupdate and everything processed fine. When I look at the log files for the ASA, I notice that it treats the file from Symantec as Spyware and shows it as an unscanned corrupted zip file. I am not blocking any downloadable file type. If this was a URL filtering issue, I would just add symantec as an allowed site. But since it's seeing it as spyware, there is no management for that except to turn it on or off. Any ideas or insight? Running the latest code of everything that is downloadable and CSC is also updating def's just fine.
Solved! Go to Solution.
10-31-2006 09:42 AM
It looks like bug to me, check the bug-id:CSCse67660. try the 'deferred scanning' on the CSC module
10-31-2006 09:42 AM
It looks like bug to me, check the bug-id:CSCse67660. try the 'deferred scanning' on the CSC module
11-01-2006 02:02 PM
Yeah, had a TAC engineer tell me that yesterday. Turned off http scanning and Cisco is supposed to come out with a patch for this either end of this month or sometime next month. Thanks for your reply though.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide