Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
735
Views
0
Helpful
8
Replies

WSA 9.0.1 build 135 stable?

dkorell
Level 1
Level 1

‎01-05-2016 11:19 AM

I've been working with TAC for awhile on a range request bug and TLS 1.1 and 1.2 support and I have been provisioned to download 9.0.1. I know people in this forum have been using this version for awhile so I'm curious how it's going. I'm on 8.0.8 now and the lack of TLS support has caused many issues and I've had to make exclusions for sites.

1 person had this problem
Labels:
0 Helpful
8 Replies 8

Philip D'Ath
VIP Alumni
VIP Alumni

‎01-05-2016 11:24 PM

What device are you referring to?

0 Helpful

dkorell
Level 1
Level 1
In response to Philip D'Ath

‎01-06-2016 07:56 AM

Web Security Appliance (Title updated)

0 Helpful

Paul Cardelli
Level 1
Level 1

‎01-07-2016 06:47 AM

I have had TAC promise me a couple bug fixes that we run into on occasion in 9.0.1. I was told it was expected to be released mid Dec 2015. We are coming up on Mid Jan 2016. Hopefully it is worth the wait. Seems like I'm having to bypass a number of popular sites in order to keep things running.

FedEx.com and Paypal.com logins stopped working for us yesterday for example. Seems as SSL configurations get stronger our WSA get weaker and even problematic.

0 Helpful

dkorell
Level 1
Level 1
In response to Paul Cardelli

‎01-07-2016 07:23 AM

"Seems as SSL configurations get stronger our WSA get weaker and even problematic."

You hit the nail on the head and why we have become very frustrated. Not that Websense was all roses but at times we are really missing our old system.

0 Helpful

Ken Stieers
VIP
VIP

‎01-07-2016 07:55 AM

Its going ok for me.  I was in the 9.0 beta, upgraded a prod VM to 9.0, had some weird performance issues, so I deployed a fresh 9.0.1-135 vm.


I'm happy with it so far.  Performance has been better, and I was able to dump almost everything out of my "don't decrypt" category (used to get around TLS 1.1/1.2 issues)


I did get bit by CSCum86749, and that lately, after uploading a cert, the proxy needs a kick to pick it up...

0 Helpful

dkorell
Level 1
Level 1

‎03-17-2016 10:48 AM

Since the latest 9.0.1 version is general deployment I upgraded today. So far as a result I've been able to start dumping some of my custom HTTPS URLs. I had to actually add a remote support website as a result of the upgrade which was kind of odd. I'm not sure exactly what the issue was but it wouldn't connect, users needed it to work now and adding to the HTTPS URL list fixed it.

0 Helpful

Ken Stieers
VIP
VIP
In response to dkorell

‎03-17-2016 11:16 AM

Does that site use flash?

I went from 135 to 166 last week, and some banking sites that use flash for "security" are having issues...I have a ticket open, we'll see if we can get it figured out.

0 Helpful

dkorell
Level 1
Level 1
In response to Ken Stieers

‎03-21-2016 08:06 AM

It's like Webex where you login to a website, download a program and then you can share your desktop. The browser part works but when the program launches and tries to connect to their server it fails. Maybe certificate related. I have similar issues with Outlook, Jabber and Cisco CRES where I have to make exceptions for the clients or else they won't connect.

0 Helpful
Customers Also Viewed These Support Documents