This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is version 9.718-5 has bug?

Hi All,

Our Sophos UTM9 with current version 9.718-5 has automatic update enabled. We just want to know if there is any bug on this version since it is the newest version and if there is any relation on CPU high utilization.

Thank you.

Oliver



This thread was automatically locked due to age.
Parents
  • Hello  ,

    Thank you for reaching out to the community, what modules you are using on the current firmware like how many VPN tunnels are active, is it IPsec, SSL , site-to-site, remote access, webserver, email protection, RED..etc ?

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Technical Support, Global Customer Experience

    Log a Support Case | Sophos Service Guide
    Best Practices – Support Case  | Security Advisories 
    Compare Sophos next-gen Firewall | Fortune Favors the prepared
    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • Hi  ,

    Thank you for the response.

    Please see below details. For remote access, today there are only two users, but mostly its 10 - 20 users are logged in.

    Current System Configuration
    [Status: Enabled] Firewall is active with 292 rules
    [Status: Enabled] Intrusion Prevention is active with 1051 of 45723 patterns
    [Status: Enabled] Web Filtering is active, 792071 requests served today
    [Status: Disabled] Network Visibility is inactive
    [Status: Disabled] SMTP Proxy is inactive
    [Status: Enabled] POP3 Proxy is active, 0 emails processed, 0 emails blocked
    [Status: Disabled] RED is inactive
    [Status: Disabled] Wireless Protection is inactive
    [Status: Enabled] Site-to-Site VPN is active with 3 of 4 tunnels
    [Status: Enabled] Remote Access is active with 2 online users
    [Status: Disabled] Web Application Firewall is inactive
    [Status: Disabled] Sophos UTM Manager is not configured
    [Status: Disabled] Sophos Mobile Control is inactive
    [Status: Disabled] HA/Cluster is inactive
    [Status: Enabled] Antivirus is active for protocols HTTP/S, POP3
    [Status: Enabled] Antispam is active for protocols POP3
    [Status: Enabled] Antispyware is active

    Thank you.

    Oliver

  • Thank you for the detailed information, so do these 10-20 users face any impact in their day to day work ?

    Thanks & Regards,
    _______________________________________________________________

    Vivek Jagad | Team Lead, Technical Support, Global Customer Experience

    Log a Support Case | Sophos Service Guide
    Best Practices – Support Case  | Security Advisories 
    Compare Sophos next-gen Firewall | Fortune Favors the prepared
    Sophos Community | Product Documentation | Sophos Techvids | SMS
    If a post solves your question please use the 'Verify Answer' button.

  • Hi  

    As far as I know, they don't have any issue when using their VPN access. The first Sophos Support who assisted us saw the Postgres eating about 63% of the CPU, so they suggested to restart the service. After that, the CPU utilization became lower. But the next day, the utilization got high again, but that time the cause was the traffic going to our monitoring tool as per Support. They suggested to create a separate rule if the issue occurred again. Which was not implemented because the next day, they saw a different cause, the ATP, and they are requesting to disable it for 3days. Which I was hesitant because it is incorporated with IPS and part of our network protection. Until now they don't reply on my email, so I was checking if there is any bug on the version.

    Thank you.

    Oliver

Reply
  • Hi  

    As far as I know, they don't have any issue when using their VPN access. The first Sophos Support who assisted us saw the Postgres eating about 63% of the CPU, so they suggested to restart the service. After that, the CPU utilization became lower. But the next day, the utilization got high again, but that time the cause was the traffic going to our monitoring tool as per Support. They suggested to create a separate rule if the issue occurred again. Which was not implemented because the next day, they saw a different cause, the ATP, and they are requesting to disable it for 3days. Which I was hesitant because it is incorporated with IPS and part of our network protection. Until now they don't reply on my email, so I was checking if there is any bug on the version.

    Thank you.

    Oliver

Children