Summary: Issue where devices are going into automatic isolation or coming out of isolation are not in the state that the Dashboard/portal thinks it is in. Cisco TAC ndicated there is a bug case CSCwj36632 but is not public. I'm making this publ...
As of early this morning around 4A Central, FMC is blocking updates from 23.220.206.79 with a URL of updates-dyn-talos.sco.cisco.com. anybody else seeing this
Cisco recommended to disable LDAPS and fallback to LDAP for the Realms-Direcorty integration. Anyone else have a problem with this recommendation besides myself?
Were you able to resolve this issue? I have the same problem. I think the last change I made that broke this was to disable some older cipher suite (3DES) on our Windows DC. Not sure it is related but authenticated via Kerberos for Remote Storag...
The problem returned so the fix above did not work. This is definintely a memory leak. If you update the Policy from the Amp console, SFC.EXE will reload and clear the memory as a temporary fix (or restart the service). There is a now CISCO BUG...
I believe the TAC case is private to our company. After reviewing the debug information, we believe the problem was due our use EDR/XDR agent use for vulnerability scanning. I noticed after each vulnerability scan, the memory would increase by 2...
Been seeing this issue across all of our Windows 2019 Servers since 8.21. I had already open 1 TAC case and added some exclusion but has not fixed the issue. Will open another TAC case. This looks to be a memory leak somewhere.
That's what we did but prefer Cisco makes a public announcement and provide the updated signature files so the paying customers do not have to do any guess work.
