Websense Appliance at 100% CPU

Published: 2013-07-10. Last Updated: 2013-07-10 19:23:16 UTC
by Richard Porter (Version: 1)
6 comment(s)

Some readers have reported in (Thanks!) that their inline Websense appliances are spiking to 100% after an update. The Websense team is aware and quickly working on a fix we are told. If you are seeing this behavior please let us know!

 

Richard Porter 

@packetalien

richard at pedantictheory dot com

Keywords:
6 comment(s)

Comments

From Websense's support site: "ALERT - 10-JULY-13 @ 10:57 AM PDT: A problem with a recent real-time Websense database update is currently impacting Websense proxy servers. This is affecting all web security customers. Engineers are working to resolve these issues. CURRENT STATUS: Active"
Yeah we are seeing this, every appliance spiked at 100%, applying fix now.
Turning off all advanced scanning features restored functionality for our users, albeit it at a reduced security posture.

Under scanning options, I turned off:
-Analyze content to categorize sites not in the Master Database
-Analyze Web traffic for application protocols tunneling over HTTP and HTTPS.
-Analyze Web content in incoming traffic and block malicious content
A manual WCG database update fixed the proxies at 3:50 PM EDT. A manual email gateway update done after 4:30 PM fixed the ESGs. We did have to restart those services to get the CPU low enough to take it.
What's the version number of the updated database?
We are presently at v7.7.3 and the DB we show is 04387 and are now working fine again.

We experienced failure to load, DNS host not found, and sluggish loading for over 4 hours.

Websense support has sent an email with some details.

Diary Archives