We'd love to hear about it! Click here to go to the product suggestion community
We have 6 firewalls that I know of that will not allow web browsing since maybe 8 hours ago. The error reported is "The requested content could not be scanned for malware. It may be corrupted or encrypted."
Scanning file /tmp/0x1YOB0Ee (context=HTTP) ...File /tmp/0x1YOB0Ee scan result : 0x0004021Eunable to sweep file [0x0004021e]
Switching scan engine to Avira gets around the problem.
Is anyone else seeing this?
I have seen it on two units so far. Swapping the AV engine to Avira Under the Services > Malware Protection menu got around the issue for me.
Yep, same here.
Just finished band-aiding the issue for all our clients with XGs. Updated ~ 20 firewalls.
Ended up killing HTTP malware filtering on HTTP. Seems like HTTPS / FTP filtering was fine. Specific symptom we saw was any HTTP traffic blocked with the "The requested content could not be scanned for malware. It may be corrupted or encrypted." error returned for users. As mentioned, HTTPS was fine.
That's one way to encourage the adoption of HTTPS...
In reply to Lachlan Tailby1:
That fixed it for me too.
same issue here, switching over to Avira helped for an temporarily solution.
As i encountered the issue the machine was running not the latest firmware.
Update to latest firmware does not make any difference for this issue.
So in conclusion i think it has something to do with an signature update last 24h.
In reply to Markus Heilgemeier:
Fixed mine too with switching from SOPHOS to Avira scanner (System services-> Malware protection->Primary antivirus engine) SW Version SFOS 17.5.7 MR-7
40+ firewalls updated with these settings now working - very annoying for a Saturday....
In reply to Andrew Hurl:
Could you please check the u2d.log and the Webadmin - Pattern Update.
Is Sophos failed there?
In reply to LuCar Toni:
Sophos have just responded to my ticket (#9075149). From what I can tell, the problem is known and fixed, and will be rolled out soon.
After the first few calls this morning where we validated the issue was HTTP filtering, we rolled the change with SFM in bulk.
Have switched to Avira to solve the problem on all 5 of my sites.
I think this is the last straw with this Sophos crap. I've had non stop issues since buying them a few weeks ago.
Solved the issue switching to Avira
Did Sophos tells you when this will be fixed?
Same issue here. All AV scanning depended features were not working e.g. scaning http/https, email scanning, sandstorm, etc.
Sophos AV engine is broken and I've opened a support case. Lets see when the Sophos AV engine restores to normal operation.
A lot of business critical traffic were blocked. Bad weekend :(
Same Problem on 2 Sites with XG 85 and without 2. AV Engine (Avira).
Temporary Workaround: Set to Allow at: Protect -> Web -> Malware and content scanning -> Action on malware scan failure + restart Proxy
(Tested Proxy with https://www.etes.de/downloads/eicar-testvirus/ and seems to work fine)
In reply to jamesharper:
It is incredibly unbelievable and scandalous that the problem is known and fixed, and yet the update still hasn't rolled out, 15 hours later. From the looks of it, every single Sophos firewall using the Sophos engine is affected. Every single XG customer. Yet, a fix still has not been rolled out.
In all seriousness: What the actual $§&**(bleep), Sophos? You guys are incredibly unprofessional. Get your act together.
In reply to cryptochrome:
For any customers experiencing this issue please https://community.sophos.com/kb/en-us/134507 for updates.