Field Notice: FN - 63815 - WSA: McAfee Engine Update Necessary for Web Security Appliances - Software Upgrade Recommended
Available Languages
Notice
THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Revision History
| Revision | Publish Date | Comments |
|---|---|---|
1.0 |
25-Apr-14 |
Initial Release |
10.0 |
15-Dec-17 |
Migration to new field notice system |
Products Affected
| Affected OS Type | Affected Release | Affected Release Number | Comments |
|---|---|---|---|
NON-IOS |
7 |
7.7.5 |
7.1.x, 7.5.x, 7.7.5 and any 7.7.0 build prior to 725 |
Defect Information
| Defect ID | Headline |
|---|---|
| CSCuj85979 |
Problem Description
McAfee Antivirus/Anti-malware Engine version 5400 becomes End of Life (EOL) on April 30th 2014.Background
End of Life for the Antivirus/Anti-malware Engine means they stop testing new signatures (data (DAT) files) against it. Over time the efficacy of 5400 might go down as the new DATs use data structures, etc. that are only used by the newer engines. In some scenarios, the newer DATs may grow to the point to where the old engine cannot load them and fail to initialize. McAfee declared the End of Life of the 5400 Engine on October 2013 and agreed to extend its support for 6 months-- that expires on April 30th 2014. After this date all equipment running this engine might start to see a drop in the efficacy of this Antivirus/Anti Malware. Web Security Appliances running any 7.1.x, 7.5.x, or 7.7.5 builds along with any 7.7.0 build prior to 725 are still running McAfee Engine 5400.Problem Symptom
In all 3 cases, users will be unable to access the Internet. The circumstances deteriorate quickly, resulting in the inability for administrators to access the appliance, followed by a complete lockup on the appliance. In most instances, the hardware watchdog reboots the appliance. In the case of the network link resets, the appliance might require manual intervention. All three issues are resolved in AsyncOS for Web version 7.7.0-753 and 8.0.6-078 or higher. You can verify the AsyncOS software version that your Web Security Appliance (WSA) is running on the command line interface (CLI), using the version command: > version
...
Version: 7.7.0-725
Workaround/Solution
Upgrade your Web Security Appliance to 7.1.4-102, 7.5.2-304, 7.7.0-725, 7.7.5-195, or any 8.0 to ensure you are running the McAfee Engine 5600. To upgrade your appliance: - On the Web Interface: 1. On the System Administration > System Upgrade page, click Available Upgrades. 2. The page refreshes with a list of available AsyncOS for Web upgrade versions. 3. Click Begin Upgrade to start the upgrade process. Answer the questions as they appear. 4. When the upgrade is complete, click Reboot Now to reboot the Web Security appliance. - On the CLI use the command ?upgrade? and answer the questions as they appear. It will show you a list of available versions, select one of the versions with the new engine and reboot your appliance after the upgrade is complete. Should you have any questions, please contact your local Cisco Support Team.For More Information
If you require further assistance, or if you have any further questions regarding this field notice, please contact the Cisco Systems Technical Assistance Center (TAC) by one of the following methods:
Receive Email Notification For New Field Notices
Cisco Notification Service—Set up a profile to receive email updates about reliability, safety, network security, and end-of-sale issues for the Cisco products you specify.
FeedbackContact Cisco
- Open a Support Case
- (Requires a Cisco Service Contract)
This Document Applies to These Products
Unleash the Power of TAC's Virtual Assistance