cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

Re: Anyone is using NSP 9.2?

After some time on NSM 9.2.7.9, I found the one more issue.

After upgrade from 8.3 there is no UDS signatures displayed in the Custom Attacks view. The signatures are included in IPS policies and are matched OK but when I open Custom Attacks view to display all UDS (McAfee/Snort), the list is empty. When close such view, NSM asks about discard changes.

So UDS are in the system, but the list can not display them.

Anyone also see this behavior ?

Tags (1)
Reliable Contributor kylekat
Reliable Contributor
Report Inappropriate Content
Message 12 of 18

Re: Anyone is using NSP 9.2?

After a couple weeks on 9.2, I can say, wait before upgrading... Too many unresolved issues. I have reported one confirmed BUG and 1 unconfirmed being seen by developers.

 

I regret having made the jump, should have stayed in 9.1

Reliable Contributor petermason
Reliable Contributor
Report Inappropriate Content
Message 13 of 18

Re: Anyone is using NSP 9.2?

Hi Kylekat,

What are the bugs you're seeing? Are they having a big impact on your environment?

Thanks

Peter Mason

Reliable Contributor kylekat
Reliable Contributor
Report Inappropriate Content
Message 14 of 18

Re: Anyone is using NSP 9.2?

The official BUG is my secondary NSM server randomly spiking to 100% CPU utilization by process Java.exe and remaining there until the NSM services are manually stopped. This is not affecting my primary, so all that is lost in the redundancy/High Availability.

The Not-yet-considered-bug is my primary NSM server's dashboards showing either blank or outfated inforamtion. It is believed to be a problem with the Solr database. Still being investigated by Support.

Luckily, none of these prevent the IPS sensors from doing their jobs, so security is not impaired in my environment.

Reliable Contributor kylekat
Reliable Contributor
Report Inappropriate Content
Message 15 of 18

Re: Anyone is using NSP 9.2?

Just to wrap this up, Mcafee Support is strongly recommending customers to stay on Main Release 9.1 unless strictly necessary for one of the new features released on 9.2

Both my issues are official bugs now.

I wish I had known earlier about this recommendation, but since I so not want to downgrade all my infrastructure all over again, im going to have to hang on to it.

dotax
Level 9
Report Inappropriate Content
Message 16 of 18

Re: Anyone is using NSP 9.2?

Hi Kylekat, 

It seems that 9.2 has outbound SSL decryption features, did you happended to evaluate this feature?

Reliable Contributor kylekat
Reliable Contributor
Report Inappropriate Content
Message 17 of 18

Re: Anyone is using NSP 9.2?

I have not.

Re: Anyone is using NSP 9.2?

A memory high false alert is coming by 9.2 version

Support suggest to down grade to main release 9.1

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community