topic Since the latest 9.0.1 in Web Security

WSA 9.0.1 build 135 stable?

dkorell — Tue, 05 Jan 2016 19:19:46 GMT

I've been working with TAC for awhile on a range request bug and TLS 1.1 and 1.2 support and I have been provisioned to download 9.0.1. I know people in this forum have been using this version for awhile so I'm curious how it's going. I'm on 8.0.8 now and the lack of TLS support has caused many issues and I've had to make exclusions for sites.

What device are you referring

Philip D'Ath — Wed, 06 Jan 2016 07:24:50 GMT

What device are you referring to?

Web Security Appliance

dkorell — Wed, 06 Jan 2016 15:56:20 GMT

Web Security Appliance (Title updated)

I have had TAC promise me a

Paul Cardelli — Thu, 07 Jan 2016 14:47:12 GMT

I have had TAC promise me a couple bug fixes that we run into on occasion in 9.0.1. I was told it was expected to be released mid Dec 2015. We are coming up on Mid Jan 2016. Hopefully it is worth the wait. Seems like I'm having to bypass a number of popular sites in order to keep things running.

FedEx.com and Paypal.com logins stopped working for us yesterday for example. Seems as SSL configurations get stronger our WSA get weaker and even problematic.

"Seems as SSL configurations

dkorell — Thu, 07 Jan 2016 15:23:58 GMT

"Seems as SSL configurations get stronger our WSA get weaker and even problematic."

You hit the nail on the head and why we have become very frustrated. Not that Websense was all roses but at times we are really missing our old system.

Its going ok for me. I was

Ken Stieers — Thu, 07 Jan 2016 15:55:35 GMT

Its going ok for me. I was in the 9.0 beta, upgraded a prod VM to 9.0, had some weird performance issues, so I deployed a fresh 9.0.1-135 vm.

I'm happy with it so far. Performance has been better, and I was able to dump almost everything out of my "don't decrypt" category (used to get around TLS 1.1/1.2 issues)

I did get bit by CSCum86749, and that lately, after uploading a cert, the proxy needs a kick to pick it up...

Since the latest 9.0.1

dkorell — Thu, 17 Mar 2016 17:48:58 GMT

Since the latest 9.0.1 version is general deployment I upgraded today. So far as a result I've been able to start dumping some of my custom HTTPS URLs. I had to actually add a remote support website as a result of the upgrade which was kind of odd. I'm not sure exactly what the issue was but it wouldn't connect, users needed it to work now and adding to the HTTPS URL list fixed it.

Does that site use flash?

Ken Stieers — Thu, 17 Mar 2016 18:16:44 GMT

Does that site use flash?

I went from 135 to 166 last week, and some banking sites that use flash for "security" are having issues...I have a ticket open, we'll see if we can get it figured out.

It's like Webex where you

dkorell — Mon, 21 Mar 2016 15:06:40 GMT

It's like Webex where you login to a website, download a program and then you can share your desktop. The browser part works but when the program launches and tries to connect to their server it fails. Maybe certificate related. I have similar issues with Outlook, Jabber and Cisco CRES where I have to make exceptions for the clients or else they won't connect.