This is an update for Web Security Appliance customers running releases 7.0.x or 7.1.x & using Sophos virus scanning.
A Sophos IDE patch is now available that resolves this problem.
The primary Cisco IronPort datacenter encountered a core switch failure at approximately 4:30am PDT yesterday, May 22, 2012. Following this event we received customer reports of issues relating to Sophos and performance. It was determined that some customers had an outdated Sophos update that could potentially cause data corruption or impact the performance of their appliances.
Cisco Engineering was able to identify the cause of this problem and released a Sophos IDE patch at 07:20 PM PDT that fixes this problem.
How To Upgrade
Prior to upgrading, please save a copy of the configuration file somewhere other than on your appliance. This Upgrade requires you to reboot your appliance if you are running an outdated Sophos IDE.
Note: If your WSA doesn't require this patch you will not be asked to reboot. You will just need to click "Clear Upgrade" in the WebUI or exit the session in the CLI.
From the CLI: 1. Log into the command line of your Cisco IronPort Appliance as the 'admin' user 2. Type 'upgrade' 3. When asked if you are sure you would like to reboot, press 'Yes'
From WebUI: 1. Go to 'System Upgrade' in the 'System Administration' tab 2. Select 'Sophos IDE Patch Update (Reboot May Be Required)' from the list of updates. 3. After upgrade completes, click on 'Reboot Now'
Once the the IDE patch upgrade and reboot is complete, it will bring your Sophos virus definitions back to factory default and they will be automatically updated to the latest definitions at the next scheduled update. If you do not want to wait until the next scheduled update, you can choose to update now by using the following steps:
If you took the precautionary step of temporarily disabling Sophos virus scanning, you should re-enable it after loading the Sophos IDE patch by using the following instructions:
1) Login to the Web Security Appliance via HTTP to the GUI 2) Go to Security Services -> Anti-Malware 3) Click at “Edit Global Settings” 4) Check “Enable Sophos” 5) Press “Submit” 6) Commit the changes
We apologize for any inconvenience this has caused.
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...