Thread Info
  • Locked Locked
  • Replies 43 replies
  • Subscribers 16 subscribers
  • Views 114866 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Issue: Cloud Web Gateway unable to establish a connection with the cloud

Bianson

**UPDATE 6** Statement from Product Management in KBA: https://community.sophos.com/kb/en-us/126926 

**UPDATE 5** ChromeOS/Chrome browser agent performance should be back to normal, though there might still be some delay in event reporting during peak hours. Ongoing issues with CWG agents (delays or gaps in event reporting) are still being investigated.

**UPDATE 4** Reports coming in indicating issue is still present. 

**UPDATE 3** As of this morning, the outage is confirmed as resolved. Backlog of events should now be processed and operation should be at 100%. Please let us know below if you are still seeing this issue.

**UPDATE 2** Backlog of queued events are finishing synchronization, after this is complete service should be restored. 

**UPDATE** Chromebooks with extension enabled are unable to browse web. 

Hello,

Currently, Cloud Web Gateway agents are unable to establish connection to the cloud, and may report with a status of “Security Enabled Activity Logs Delayed”. Actions are currently taking place that will resume service. Updates will be provided on this thread.

Thank you,

Bob



This thread was automatically locked due to age.

  • Bob,

     

    After two weeks, I'm really having trouble understanding why this issue is not resolved.  From the last update, Sophos doesn't even know what the issue is yet (as it's 'still being investigated')? I've been told two different things by tech support - first that it was a problem with a system update, and then that it was an issue at the data center.  I'm pretty sure the DC one is an outright lie as I wouldn't be expecting intermittent service if that were the case (and you'd of course have these services running from multiple locations so no single point of failure). I question the 'system update' explanation as well since any update/deployment would have had a tested back-out plan.  

     

    Right now, I'm not seeing any logs come through and for any policy updates to apply, the user needs to restart their machine.  Thankfully this is just inconveniencing web access.  What happens if the next 'issue' takes out the av definition service (as an example)?  Would we sitting for weeks, effectively without any protection while the next WannaCry variant ravages our networks?

     

    We need someone to provide a real update on what's being done to address this, what happened in the first place, and what changes Sophos is making to prevent it from happening again.  I realize that you probably aren't the one to provide this (as you seem to be very out of the loop on what's going on with the issue), but maybe you could reach out to someone more senior to address the concerns an increasing number of us have with this product and the reliability of Sophos as a security vendor in general.

     

    Alan

  • Bob,

    I gave you my case number and you said it would be escalated.  However your exact response was:

    "Thanks for the case number. I see Josh has responded to you this morning. I will monitor this to resolution."

    That is not escalation and was of no assistance.  The response from Josh was:

    "Sorry for the delay, unfortunately there hasn't been an update on the fix since May 24th for delayed logs.  I'll check with our developers to get an idea on an ETA and root cause and relay this to you."

    Since then, there has been no further movement on the ticket.  What is Sophos doing that this is so badly broken?  Why are there no answers to our questions about root cause and long term fixes?  I await a *detailed* update, but I'm not holding my breath.

    Keith

  • in reply to K_M

    Hi Keith,

    The case has been escalated. I see you have been in contact with an engineer this afternoon, please generate an SDU log as requested. I have let the team know to provide you with as much information on this issue as they have available.

    Thank you,

    Bob

  • It appears that the logs are better, but still about an hour delayed.  What is the latest update?

  • Update - the logs *were* about 1 hour behind, but now they are about 5 hours behind.  The problem is getting worse it would seem.  When are we going to be given a status update???

  • in reply to K_M

    Hi Keith,

    I haven't received and other news but I will update this post as soon as I do. Have you relayed this information to the engineer on your case?

    Thank you,

    Bob 

  • in reply to Bianson

    Yes, I did and this is what I got:

    "As of now there is still no update, I have the ticket set to notify me as soon as development post an update."

    It is hard to believe there is no new information on a problem that has been ongoing for weeks.  When this is resolved, can we expect to be given a root cause and steps implemented to prevent these kinds of issues in the future?

  • in reply to K_M

    Still not working.  Would really appreciate an update to at least know that Sophos still acknowledges this as a problem.

  • in reply to K_M

    Hi Keith,

    Statement from product management is now in the KBA: https://community.sophos.com/kb/en-us/126926 

    Thank you,

    Bob

  • in reply to Bianson

    Bianson,

    Thanks for the update, but seems things are getting worse, not better. Before when making changes to policies or bypassing to test web traffic because we cannot rely on 2 day old logs for troubleshooting, now it’s talking several hours for the web gateway policy to be updated.

     

    I’ll be reopening my case and speaking to our account manager as this support model is not good for our business. I have had issues with concur yesterday with log in failures, we were notified via email and their service status site provided good updates on what was occurring and what they were doing to resolve the issues. http://open.concur.com/

    Sophos could learn a thing or two about how to provide such updates especially with your cloud based products.

     

    Frankie..

Unfiltered HTML