This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM update 9.410-6 released


Up2Date 9.410006 package description:

Remarks:
System will be rebooted
Configuration will be upgraded
Connected REDs will perform firmware upgrade
Connected Wifi APs will perform firmware upgrade

News:
Maintenance Release

Bugfixes:
Fix [NUTM-534]: [AWS] Template update notification
Fix [NUTM-6178]: [AWS] pg_xlog directory filling up on AWS deployments
Fix [NUTM-6186]: [AWS] Make all UTM logs available in AWS CloudWatch
Fix [NUTM-6224]: [AWS] awslogs daemon init script: restart broken
Fix [NUTM-6296]: [AWS] REST API doesn't work in cluster mode
Fix [NUTM-6402]: [AWS] [RESTD] Session is not closed after token is deleted
Fix [NUTM-5846]: [Access & Identity] IPsec Remote Access use the IP address instead of the username in the log
Fix [NUTM-6174]: [Access & Identity] [RED] mobile_network config part not pushed to prov
Fix [NUTM-6218]: [Access & Identity] HTML5 VPN: Comma not working on Portuguese (Brazil) keyboard
Fix [NUTM-6374]: [Access & Identity] REDs with static WAN config are offline after update to v9.409
Fix [NUTM-6375]: [Access & Identity] Cisco VPN with iOS doesn't work after update to 9.409
Fix [NUTM-3152]: [Basesystem] libxml2 security update (CVE-2013-2877)
Fix [NUTM-5158]: [Basesystem] glibc security update
Fix [NUTM-5726]: [Basesystem] Follow up NUTM-5403 - Sometimes slave stuck in syncing indefinitely after failover
Fix [NUTM-5800]: [Basesystem] curl security update
Fix [NUTM-6127]: [Confd] Expired license loaded after reboot even if the valid license was imported already
Fix [NUTM-6396]: [Confd] Character ">" or "<" for password will change to "&lt;"
Fix [NUTM-5447]: [Documentation] Japanese description has the wrong vocabulary of black list at "Sender Blacklist" in user portal
Fix [NUTM-3515]: [Email] [SPX] Using 'ß' and ',' as windows-1252 in form breaks utf-8 conversion
Fix [NUTM-4932]: [Email] Password protected file passes SMTP proxy
Fix [NUTM-6196]: [Email] E-Mail with Sandstorm supported and unsupported files will be moved into quarantine
Fix [NUTM-6256]: [Email] SPX inserts Backslashes into nicename of receipient address
Fix [NUTM-5656]: [Endpoint, Web] Sandstorm feature does not work if SEC managed endpoints with Full Web Control are used
Fix [NUTM-5756]: [Network] Remove empty log lines coming from the firewall subsystem
Fix [NUTM-6202]: [SUM] After update to v9.358 the "guid" was recreated
Fix [NUTM-5717]: [Sandboxd] Respect "file OK" error responses from get/score for SB Proxy API 1.2
Fix [NUTM-6165]: [WAF] Additional cookie from WAF is added without HttpOnly detail
Fix [NUTM-6356]: [WebAdmin] AD User Test fails after first creation of an authentication server
Fix [NUTM-4118]: [Web] Still coredumps from httpproxy since installation of rpms from NUTM-3119
Fix [NUTM-5399]: [Web] httpproxy[xxxx]: segfault at 4 ip 00000000080c2113 sp 00000000ea8aee90 error 6 in httpproxy
Fix [NUTM-5561]: [Web] URL category name "Potiental Unwanted Programs" spelling mistake
Fix [NUTM-5663]: [Web] HTTP proxy restarted with core dumps in 9.407
Fix [NUTM-5834]: [Web] 'Force caching for Sophos Endpoint updates' doesn't seem to force caching
Fix [NUTM-5956]: [Web] UTM breaks auto-update on SAV for Mac
Fix [NUTM-6310]: [Web] Corrected ownership and permission of sandboxd db files
Fix [NUTM-5366]: [WiFi] Wireless Protection Manager doesn't have sufficient rights to edit time definitions
Fix [NUTM-5567]: [WiFi] APs remain inactive after being accepted on UTM
Fix [NUTM-6125]: [WiFi] Customized login page displays invalid characters

RPM packages contained:
glibc-2.11.3-17.102.1.1569.g1acae51.rb6.i686.rpm
glibc-locale-2.11.3-17.102.1.1569.g1acae51.rb6.i686.rpm
libcurl4-7.19.7-1.64.1.1569.g5d136b5.rb10.i686.rpm
libsaviglue-9.40-6.g75ae555.rb5.i686.rpm
libsensors4-3.3.0-2.7.13.1879.g9bdb96e.rb2.i686.rpm
libxml2-2.7.6-0.50.1.1568.g1acae51.rb9.i686.rpm
cm-nextgen-agent-9.40-13.g5e13e9f.rb4.i686.rpm
curl-7.19.7-1.64.1.1569.g5d136b5.rb10.i686.rpm
firmwares-bamboo-9400-0.247933954.g233cdf1.rb5.i586.rpm
freerdp-1.0.2-6.g0ecd430.rb6.i686.rpm
modcookie-9.40-95.g8f24856.rb6.i686.rpm
navl-tools-4.3.0.35-0.247268873.ga345596.rb5.i686.rpm
perf-tools-3.12.58-0.247785862.g17c1041.rb7.i686.rpm
red-firmware2-5038-0.248960247.ge6f33ce.rb1.noarch.rpm
red15-firmware-5038-0.248960497.g001f267.rb5.noarch.rpm
ruby-2.2.6-0.247137817.g1cc0d1c.rb4.i686.rpm
ruby-common-2.0-3.1.1.1614.gc24aad5.rb4.noarch.rpm
ruby-devel-2.2.6-0.247137817.g1cc0d1c.rb4.i686.rpm
rubygem-addressable-2.5.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-aws-sdk-1.66.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-aws-sdk-v1-1.66.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-bundler-1.13.6-0.250018781.g4af754f.rb2.i686.rpm
rubygem-celluloid-0.17.3-0.250018781.g4af754f.rb2.i686.rpm
rubygem-celluloid-essentials-0.20.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-celluloid-extras-0.20.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-celluloid-fsm-0.20.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-celluloid-pool-0.20.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-celluloid-supervision-0.20.6-0.250018781.g4af754f.rb2.i686.rpm
rubygem-crack-0.4.3-0.250018781.g4af754f.rb2.i686.rpm
rubygem-diff-lcs-1.2.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-docile-1.1.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-gem2rpm-0.11.3-0.250018781.g4af754f.rb2.i686.rpm
rubygem-hashdiff-0.3.2-0.250018781.g4af754f.rb2.i686.rpm
rubygem-hitimes-1.2.4-0.250018781.g4af754f.rb2.i686.rpm
rubygem-json-1.8.3-0.250018781.g4af754f.rb2.i686.rpm
rubygem-little-plugger-1.1.4-0.250018781.g4af754f.rb2.i686.rpm
rubygem-logging-2.1.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-mini_portile2-2.0.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-multi_json-1.12.1-0.250018781.g4af754f.rb2.i686.rpm
rubygem-nokogiri-1.6.7.2-0.250018781.g4af754f.rb2.i686.rpm
rubygem-pg-0.19.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-pidfile-0.3.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-public_suffix-2.0.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-retries-0.0.5-0.250018781.g4af754f.rb2.i686.rpm
rubygem-rspec-3.5.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-rspec-core-3.5.4-0.250018781.g4af754f.rb2.i686.rpm
rubygem-rspec-expectations-3.5.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-rspec-mocks-3.5.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-rspec-support-3.5.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-safe_yaml-1.0.4-0.250018781.g4af754f.rb2.i686.rpm
rubygem-sequel-4.42.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-simplecov-0.12.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-simplecov-html-0.10.0-0.250018781.g4af754f.rb2.i686.rpm
rubygem-sophos-iaas-1.0.0-0.250769404.g60829c0.i686.rpm
rubygem-thor-0.19.4-0.250018781.g4af754f.rb2.i686.rpm
rubygem-timers-4.1.2-0.250018781.g4af754f.rb2.i686.rpm
rubygem-webmock-2.3.2-0.250018781.g4af754f.rb2.i686.rpm
rubygem-yard-0.9.5-0.250018781.g4af754f.rb2.i686.rpm
sensors-3.3.0-2.7.13.1879.g9bdb96e.rb2.i686.rpm
ep-reporting-9.40-34.gca719d9.rb5.i686.rpm
ep-reporting-resources-9.40-34.gca719d9.rb5.i686.rpm
ep-branding-ASG-afg-9.40-50.g1bcd426.noarch.rpm
ep-branding-ASG-ang-9.40-50.g1bcd426.noarch.rpm
ep-branding-ASG-asg-9.40-50.g1bcd426.noarch.rpm
ep-branding-ASG-atg-9.40-50.g1bcd426.noarch.rpm
ep-branding-ASG-aug-9.40-50.g1bcd426.noarch.rpm
ep-confd-9.40-930.g4eb9865.i686.rpm
ep-confd-tools-9.40-887.g340860a.rb11.i686.rpm
ep-cssd-9.40-27.gf72484e.rb3.i686.rpm
ep-ha-aws-9.40-375.g60829c0.noarch.rpm
ep-hardware-9.40-7.gaae91c6.rb4.i686.rpm
ep-hotspot-web-9.40-3.g05973ee.rb5.i686.rpm
ep-init-9.40-15.g16e98cd.rb4.noarch.rpm
ep-localization-afg-9.40-32.g5661e6c.rb5.i686.rpm
ep-localization-ang-9.40-32.g5661e6c.rb5.i686.rpm
ep-localization-asg-9.40-32.g5661e6c.rb5.i686.rpm
ep-localization-atg-9.40-32.g5661e6c.rb5.i686.rpm
ep-localization-aug-9.40-32.g5661e6c.rb5.i686.rpm
ep-mdw-9.40-530.g96292a8.rb10.i686.rpm
ep-repctl-0.1-0.247179648.g78524e5.rb6.i686.rpm
ep-restd-9.40-0.250015768.ge75b9db.rb2.i686.rpm
ep-sandboxd-9.40-0.249594584.gee03869.rb2.i686.rpm
ep-webadmin-9.40-794.g24b46b1.rb16.i686.rpm
ep-cloud-ec2-9.40-46.g5495907.rb3.i686.rpm
ep-chroot-smtp-9.40-121.g780e765.rb4.i686.rpm
chroot-ipsec-9.40-14.g5e2e541.rb3.i686.rpm
ep-httpproxy-9.40-392.gc2d236b.rb5.i686.rpm
kernel-smp-3.12.58-0.247785862.g17c1041.rb7.i686.rpm
kernel-smp64-3.12.58-0.247785862.g17c1041.rb7.x86_64.rpm
ep-release-9.410-6.noarch.rpm



This thread was automatically locked due to age.
Parents Reply
  • I have installed the 9.4.10-6 on a ASG220 only with mail subscription.

    We have a lot of problems. High cpu load from the process cssd and postgres. Many mails in 'AV Scan pending' status in the 'SMTP Spool'.

    It seems that the Sophos UTM will only sporadically accept e-mails.

    Out internal mailserver has a lot of e-mails in the server smtp queue.

    I think the release has a problem.

     

    Andreas

Children
  • I found a workaround.

    Change in Email Protection - SMTP - Malware - Malware scanning - from 'Dual scan' to 'Single scan' and change the AV engine from Sophos to Avira in Management - System settings - Scan settings - Single scan engine.

    Everything is working as expected. I try to contact the Sophos support to solve that problem.

  • Hi,

     

    same problem on a SG430 with 9.4.10-6.

    CPU load noticably above average - ~60-70%. Normally 30-40%.

    Mails hanging in SMTP-Spool with "AV Scan pending", incoming mails get temporarily rejected with SMTP Error 451.

    Mail throughput goes down to ~10 mails per minute.

    No improvement by "Single Scan" (Sophos or Avira) or "don't scan outgoing relay mails".

     

    Any suggestions? Thank You.

  • We suffer from this buggy firmware 9.410-6 update, too.

    I can confirm same problems like AndiS.

     

    Additionally owa access through web application firewall will not work, getting following error:

    Bad request. Your browser sent a request that this server could not understand.

    Error Reason: The request was blocked because an uploaded file contains a virus (daemon connection problem).

     

    Changing to single AV engine to avira in system settings helps as workaround.

     

    Markus

  • Same problem here... It took me hours to find out what is going wrong. AndiS's workaround also requires disabling Sandbox...

  • Yes, thats really high security! My customer´s that are using sandstorm are really concerned of this... Paying high license fees and then need to disable this feature.

     

    But maybe some good news, there is a rpm available:

     

    In German:

    "vielen Dank für Ihre Geduld.
    Für das aufgezeigte Problem wurde ein nachweislich funktionierendes RPM entwickelt und kann nach Wunsch installiert werden. Hierfür benötigen wir Zugriff auf die Maschine per SSH und einen möglichen Zeitpunkt, da SMTP und CSSD neugestartet werden."

     

     

    Will try to let the support install the fix on monday.

     

    Regards

    Sebastian

  • Also having ACC restarts:

     

    2017:02:02-16:31:59 mail device-agent[5469]: >=========================================================================
    2017:02:02-16:31:59 mail device-agent[5469]:   _AgentTermHandler -> '' -> 'Storable'
    2017:02:02-16:31:59 mail device-agent[5469]: '../../lib/Storable.pm (autosplit into ../../lib/auto/Storable/thaw.al)'
    2017:02:02-16:31:59 mail device-agent[5469]: 415
    2017:02:02-16:31:59 mail device-agent[5469]: |=========================================================================
    2017:02:02-16:31:59 mail device-agent[5469]:   _AgentTermHandler -> '' -> 'Carp'
    2017:02:02-16:31:59 mail device-agent[5469]: '/usr/local/ap510/lib/Carp.pm'
    2017:02:02-16:31:59 mail device-agent[5469]: 44
    2017:02:02-16:31:59 mail device-agent[5469]: |=========================================================================
    2017:02:02-16:31:59 mail device-agent[5469]:   Handling agent signal TERM/INT/QUIT/DIE. '' -> 'main'
    2017:02:02-16:31:59 mail device-agent[5469]: 'acc-agent.pl'
    2017:02:02-16:31:59 mail device-agent[5469]: 784
    2017:02:02-16:31:59 mail device-agent[5469]: |=========================================================================
    2017:02:02-16:31:59 mail device-agent[5469]:   (st) Process caught TERM/INT/QUIT... PID=5469 -> '' -> 'main'
    2017:02:02-16:31:59 mail device-agent[5469]: 'acc-agent.pl'
    2017:02:02-16:31:59 mail device-agent[5469]: 575
    2017:02:02-16:31:59 mail device-agent[5469]: .
    2017:02:02-16:31:59 mail device-agent[5469]: |=========================================================================
    2017:02:02-16:31:59 mail device-agent[5469]:   Signal caught start cleaning up. Signal = 'Magic number checking on storable string failed at ../../lib/Storable.pm (autosplit into ../../lib/auto/Storable/thaw.al) line 415, at /usr/local/ap510/site/lib/Cache/CacheUtils.pm line 118
    2017:02:02-16:31:59 mail device-agent[5469]: '.
    2017:02:02-16:31:59 mail device-agent[5469]: <=========================================================================
    2017:02:02-16:31:59 mail device-agent[5469]:   Removing iNotify: canceling all iWatchers.
    2017:02:02-16:31:59 mail device-agent[5469]:   destroying Dispatcher::Timer1 shared objects.
    2017:02:02-16:31:59 mail device-agent[5469]:   destroying Dispatcher::Timer2 shared objects.
    2017:02:02-16:32:16 mail device-agent[29116]: Starting logging output (level=2 [2])...
    2017:02:02-16:32:16 mail device-agent[29116]:   Set minimal required sum version to: 4.2
    2017:02:02-16:32:16 mail device-agent[29116]:   /usr/sbin/acc-agent.plx starting as daemon.
    2017:02:02-16:32:16 mail device-agent[29116]:   /usr/sbin/acc-agent.plx has started with PID=29116 ()-
    2017:02:02-16:32:16 mail device-agent[29116]:   Initializing global queues...
    2017:02:02-16:32:16 mail device-agent[29116]:    ---- Output Options ---- 
    2017:02:02-16:32:16 mail device-agent[29116]:     TRACE -> 0
    2017:02:02-16:32:16 mail device-agent[29116]:     DEBUG -> 1
    2017:02:02-16:32:16 mail device-agent[29116]:     INFO  -> 2
    2017:02:02-16:32:16 mail device-agent[29116]:     WARN  -> 3
    2017:02:02-16:32:16 mail device-agent[29116]:     ERROR -> 6
    2017:02:02-16:32:16 mail device-agent[29116]:     CRIT  -> 8
    2017:02:02-16:32:16 mail device-agent[29116]:   Current Level is: 2
    2017:02:02-16:32:16 mail device-agent[29116]:     INFO messages are displayed
    2017:02:02-16:32:16 mail device-agent[29116]:     WARN messages are displayed
    2017:02:02-16:32:16 mail device-agent[29116]:     ERROR messages are displayed
    2017:02:02-16:32:16 mail device-agent[29116]:     CRIT messages are displayed
    2017:02:02-16:32:16 mail device-agent[29116]:   Clearing cache object.
    2017:02:02-16:32:16 mail device-agent[29116]:   Init cache.
    2017:02:02-16:32:17 mail device-agent[29116]:   Failed to get local object:REF_DefaultHTTPCFFProfile
    2017:02:02-16:32:17 mail device-agent[29116]:   Updating Location...
    2017:02:02-16:32:17 mail device-agent[29116]:   Updating Features...
    2017:02:02-16:32:18 mail device-agent[29116]:   Updating Product...
    2017:02:02-16:32:18 mail device-agent[29116]:   Updating Inventory...
    2017:02:02-16:32:20 mail device-agent[29116]:   Initializing Module AggregatedReporting
    2017:02:02-16:32:20 mail device-agent[29116]:   Directory '/var/log/reporting/agent/' does not exist. Creating ... done
    2017:02:02-16:32:20 mail device-agent[29116]:   Initializing roles
    2017:02:02-16:32:20 mail device-agent[29116]:   Connecting to confd...
    2017:02:02-16:32:20 mail device-agent[29116]:   Initializing cache...
    2017:02:02-16:32:20 mail device-agent[29116]:   Initializing intervals
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for ip from 2160 to 2160
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for services from 3 to 3
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for availability_ha from 10 to 10
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for license_count from 10 to 10
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for availability_ups from 10 to 10
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for license_subscriptions from 100 to 100
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for monitoring_vpn from 9 to 9
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for check_connections from 2 to 2
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for remove_old_downloads from 12 to 12
    2017:02:02-16:32:20 mail device-agent[29116]:   Attempt to set update interval for '/etc/raid/status', which does not exist
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for /var/log/reporting/accu/mailsec.accu from 0 to 0
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for /etc/sysmond.ph from 30 to 30
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for /var/log/reporting/accu/pfilter.accu from 0 to 0
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for /var/log/reporting/accu/websec-json.accu from 0 to 0
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for /var/up2date/up2date_progress from 0 to 0
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for /var/log/reporting/accu/admin.accu from 0 to 0
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for /etc/agent/live_debug from 0 to 0
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for /etc/selfmon.ph from 30 to 30
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for /var/log/reporting/accu/ipsevent.accu from 0 to 0
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for /etc/up2date/up2date_status from 0 to 0
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for /etc/location from 0 to 0
    2017:02:02-16:32:20 mail device-agent[29116]:   Initialization complete
    2017:02:02-16:32:20 mail device-agent[29116]:   Connecting to SUM
    2017:02:02-16:32:20 mail device-agent[29116]:   Creating new SUM connection with id [1]
    2017:02:02-16:32:20 mail device-agent[29116]:   Updating SUM IP address for path: acc/server1/server
    2017:02:02-16:32:20 mail device-agent[29116]:   [1] Connecting to SUM (ip=172.16.100.11, port=4433).
    2017:02:02-16:32:20 mail device-agent[29116]:   [1] Using SUM SSL connection.
    2017:02:02-16:32:20 mail device-agent[29116]:   [1] We are now connected (ip=172.16.100.11, port=4433).
    2017:02:02-16:32:20 mail device-agent[29116]:   Connection to remote SUM established.
    2017:02:02-16:32:20 mail device-agent[29116]:   Starting watchers...
    2017:02:02-16:32:20 mail device-agent[29116]:   Starting connection...
    2017:02:02-16:32:20 mail device-agent[29116]:   Entering event loop...
    2017:02:02-16:32:20 mail device-agent[29116]:   SUM ehlo notification from [1]
    2017:02:02-16:32:20 mail device-agent[29116]:   Found SUM version 4.304005. Treating it as release 4.3.
    2017:02:02-16:32:20 mail device-agent[29116]:   Full SUM support is granted as the current SUM version isn't lower than the minimal required SUM version of: 4.2
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting minimum notify wait for '/etc/sysmond.ph' to 30
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting minimum notify wait for '/etc/selfmon.ph' to 30
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for availability_ups from 10 to 10
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for license_subscriptions from 100 to 100
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for monitoring_vpn from 9 to 9
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for services from 3 to 3
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for ip from 2160 to 2160
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for availability_ha from 10 to 10
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting update interval for license_count from 10 to 10
    2017:02:02-16:32:20 mail device-agent[29116]:   'login successful, welcome to duty'.
    2017:02:02-16:32:20 mail device-agent[29116]:   Login complete for [1].
    2017:02:02-16:32:20 mail device-agent[29116]:   Updating Location...
    2017:02:02-16:32:20 mail device-agent[29116]:   Setting available subscriptions for product 'ASG'
    2017:02:02-16:32:20 mail device-agent[29116]:   Creating Watcher (timer) for 'weekly' -> 14400
    2017:02:02-16:32:20 mail device-agent[29116]:   Creating Watcher (timer) for 'monthly' -> 43200
    2017:02:02-16:32:20 mail device-agent[29116]:   Creating Watcher (timer) for 'yearly' -> 86400
    2017:02:02-16:32:20 mail device-agent[29116]:   Creating Watcher (timer) for 'daily' -> 900
    2017:02:02-16:32:20 mail device-agent[29116]:   Done subscribing
    2017:02:02-16:32:23 mail device-agent[29116]:   Reporting 24 changes to accd (inotify: /etc/sysmond.ph).
    2017:02:02-16:32:25 mail device-agent[29116]:   Updating IP...
    2017:02:02-16:32:26 mail device-agent[29116]:   Updating Location...
    2017:02:02-16:32:26 mail device-agent[29116]:   Reporting 1 changes to accd (inotify: /etc/location).
    2017:02:02-16:32:40 mail device-agent[29116]:   /var/log/reporting/meta/0//memswap_daily.ph does not exist. Continuing without it. (harmless)
    2017:02:02-16:32:40 mail device-agent[29116]:   /var/log/reporting/meta/0//disk_usage_daily.ph does not exist. Continuing without it. (harmless)
    2017:02:02-16:32:40 mail device-agent[29116]:   /var/log/reporting/meta/0//memswap_weekly.ph does not exist. Continuing without it. (harmless)
    2017:02:02-16:32:40 mail device-agent[29116]:   /var/log/reporting/meta/0//disk_usage_weekly.ph does not exist. Continuing without it. (harmless)
    2017:02:02-16:32:40 mail device-agent[29116]:   /var/log/reporting/meta/0//memswap_monthly.ph does not exist. Continuing without it. (harmless)
    2017:02:02-16:32:40 mail device-agent[29116]:   /var/log/reporting/meta/0//disk_usage_monthly.ph does not exist. Continuing without it. (harmless)
    2017:02:02-16:32:40 mail device-agent[29116]:   /var/log/reporting/meta/0//memswap_yearly.ph does not exist. Continuing without it. (harmless)
    2017:02:02-16:32:40 mail device-agent[29116]:   /var/log/reporting/meta/0//disk_usage_yearly.ph does not exist. Continuing without it. (harmless)

    -----

    Best regards
    Martin

    Sophos XGS 2100 @ Home | Sophos v20 Technician

  • Hi,

    Sophos has installed the new RPM on both nodes of our system. Even with the Dual Scan Engine enabled, everything works as expected.

     

    regards,

    Andreas

  • Hi we have HA cluster, one node is down with full root partition, secondary nod is up and running, I have reconfigure av settings to avira only on second node what can I do with failed node?

  • See my Post
    community.sophos.com/.../320756

    You have to login via Shell or Console and delete these Files in /var/tmp and /tmp

    AV-malware-names-*
    cssd.*