SMA - Current AsyncOS Version - Page 2

joshuaclark2014 · ‎12-29-2014

Every day or so I receive this notification "SMA down; Outbreak quarantine rescan failed". The SMA is never truly down nor is there a network hiccup as far as I can tell, what could be causing this? It happens numerous times a week and causes me to test and send out notifications to the entire team the SMA is NOT down.

wladimir.gruenemaier · ‎08-04-2015

Hello,

i have the same issues.

What is the Release of your SMA/ESA?

joshuaclark2014 · ‎08-04-2015

SMA - Current AsyncOS Version: 9.5.0-125

ESA - Current AsyncOS Version: 9.6.0-042

Robert Sherwin · ‎08-04-2015

Yep - always be sure to keep the support matrix in mind for ESA > SMA communication:

http://www.cisco.com/c/dam/en/us/td/docs/security/security_management/sma/sma_all/SMA-ESA-WSA_Compatibility.pdf

Good rule of thumb as well - when upgrading appliances, upgrade SMA first, ESA second!

Cheers,
Robert Sherwin

joshuaclark2014 · ‎08-04-2015

Robert is correct to look at the matrix, I did my upgrades in many stages (not all at once). As each GD release was let out, I upgraded the SMA then ESA's until finally reaching the latest GD release.

The issue first started when the SMA was physical (no virtual SMA yet) and the ESA's were virtual (same AsyncOS versions). Cisco TAC went through everything and could not find the root cause but it just so happened this was exactly the time the Virtual SMA was released so I immediately cut-over to the virtual SMA and rebuilt the config/upgraded to the new XML versions.

I dont know if the virtual SMA / virtual ESA being on the same network mading the difference, or the upgraded AsyncOS releases, or if it was just due to a physical issue on the SMA itself, BUT after going through the painful steps to migrate 4 cluster nodes to the latest release, in the end it made the difference and a noticeable impact for the better.

Greg Muszynski · ‎09-24-2015

we have the same problem and it is now September 2015 here are our hardware and OS versions, pretty much as up to date as you can get

M670 - 9.5.1-009

C380 - 9.6.0-051

wladimir.gruenemaier · ‎10-07-2015

In my case the problem was some message and content filters @ group-level

Scenario6:

http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118026-technote-esa-00.html

In your case it could be something else...

Hope this helps!

joshuaclark2014 · ‎10-07-2015

Thanks for the info but my problem is not related to the PVO central settings. It turns out to be a bug in the older software and hasn't returned since updating to the later versions of AsyncOS.

johnsdao1 · ‎08-04-2015

Im running 9.1.0-32 on both

joshuaclark2014 · ‎08-04-2015

I would definitely look into upgrading AsyncOS, they have a lot of cool new features but more importantly fixed alot of bugs in the later releases. The issue with the outbreak is better for me after going to the latest GD releases.

Not 100% fixed but it went from like 25 - 50 emails A DAY, to maybe once or twice a week.