Web Appliance 4.3.2.2 Intermittent 'Lock Ups'

Is anyone else experiencing issues with this appliance firmware level?

Intermittently and randomly the appliance (now appliances as we have deployed a 2nd and soon to be 3rd on alternative hardware and internet breakouts) the device refuses to pass traffic.  No network issues, GUI remains responsive.  DNS checks pass.  Direct browsing via the upstream firewall is successful, a 2nd appliance using the same upstream firewall for connectivity continues to function.

Looks to be some kind of bug with the appliance.  2-3 weeks into a case with Sophos and unresolved.

Has anyone experienced this kind of issue or lock up?

  • Hi Andrew,

    Are you still facing the issue with your appliance? Did an upgrade to the latest firmware resolved it?

    Thanks

  • In reply to sachingurung:

    Hi Sachin

    We never got to the bottom of the issue, on different firmware versions.  Initially they thought it was a memory leak issue and made some changes to one of our virtual web appliances, but we continued to have the issue across appliances.

    We ended up purchasing a hardware appliance and have our traffic split between 2 virtual and 1 hardware.  We seem to have stabilised and taking the 'if it isn't broken don't fix it approach'.  The problem was very frequent, devices would remain responsive in the GUI and pass all network tests, yet refuse to pass any web traffic and show massively high latency within the Sophos GUI.

    I wish we could have found the cause, it baffled everyone.

    Thanks

  • In reply to Andrew Meek:

    The issue could have many possibilities likes the buffers are full to process the requests further or the web appliance is not getting the requests where you can configure it to work on a different mode and check if the problem still exists. Such issues needs live attention and monitoring sessions and it is really hard to figure out the issue. The system logs must have information if the issue is related to the appliance but it is not certain that the logs give you the whole picture. Deploying a hardware appliance and splitting the traffic resolves the issue points more towards the issue of traffic handling and the system capability. Just my two cents worth.

    Thanks