"Wanna" ransomware outbreak. Please see this Sophos article sophos.com/kb/126733 for advice on how to protect your organization. Immediate action recommended.
Sophos has recently identified an issue where, in certain environments, a memory leak can occur in the HTTP proxy on the UTM. A number of causes have been identified and these have been fixed in the v9.005 release, which will improve the stability of the HTTP proxy for many affected customers. However, we have not yet identified and fixed all possible causes, but investigating and fixing these is a high priority.
This knowledgebase article will help you to identify whether your UTM is exhibiting a memory leak.
Known to apply to the following Sophos product(s) and version(s) Sophos UTM 100/110/120 v9.005Sophos UTM 220 v9.005Sophos UTM 320 v9.005Sophos UTM 425 v9.005Sophos UTM 525 v9.005Sophos UTM 625 v9.005Sophos UTM Software Appliance v9.005
Operating systems 9.005
Log into Webadmin and navigate to Logging & Reporting / Hardware. There you will see the Memory Usage (Monthly) Graph.
If after updating to v9.005, you see memory usage continuously increasing, this indicates that you are still affected by the memory leak (see the picture below).
As long as the memory usage doesn't reach 100%, you can work around the memory leak issue without rebooting the device. To do this you need to restart the HTTP service:
Note: During the restart process, end users using the web proxy will have their browsing interrupted. The stop/start process should take no more than 30 seconds.
* segfault is an abbreviation of segmentation fault.
If you believe that your UTM is experiencing a memory leak, please contact support immediately for assistance.
Tutti i commenti qui inseriti vengono letti (dal team di supporto), ma non verranno inviate risposte specifiche ad alcun quesito tecnico. Nel caso richiediate supporto tecnico, vi invitiamo a postare il vostro quesito nella nostra community. Altrimenti, se la richiesta di supporto riguarda un prodotto con licenza, vi invitiamo ad aprire un ticket per il team di supporto.