Unable to update ProxyAV virus definitions through ProxySG after upgrading to AVOS 3.3
You may not be able to update your ProxyAV virus definitions through ProxySG after upgrading to AVOS 3.3. This happens when you have protocol detection enabled on your ProxySG running SGOS 5.4.4, 5.5.3 or an earlier version.
This is due to the fix for CVE-2009-3555 - TLS/SSLv3 renegotiation. More information at https://kb.bluecoat.com/index?page=content&id=SA44
1. Upgrade to the latest SGOS 5.4 and 5.5 GA. At the time of writing, they are SGOS 18.104.22.168 and SGOS 22.214.171.124 respectively. If you are using BCAAA, it should be upgraded along to the version that comes with the new SGOS.
2. As a workaround, disable SSL protocol detection with the Content Policy Language (CPL) below :
Rate this Page
Please take a moment to complete this form to help us better serve you.