cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Re: Anyone is using NSP 9.2?

After some time on NSM 9.2.7.9, I found the one more issue.

After upgrade from 8.3 there is no UDS signatures displayed in the Custom Attacks view. The signatures are included in IPS policies and are matched OK but when I open Custom Attacks view to display all UDS (McAfee/Snort), the list is empty. When close such view, NSM asks about discard changes.

So UDS are in the system, but the list can not display them.

Anyone also see this behavior ?

Tags (1)
kylekat
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 12 of 18

Re: Anyone is using NSP 9.2?

After a couple weeks on 9.2, I can say, wait before upgrading... Too many unresolved issues. I have reported one confirmed BUG and 1 unconfirmed being seen by developers.

 

I regret having made the jump, should have stayed in 9.1

petermason
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 13 of 18

Re: Anyone is using NSP 9.2?

Hi Kylekat,

What are the bugs you're seeing? Are they having a big impact on your environment?

Thanks

Peter Mason

kylekat
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 14 of 18

Re: Anyone is using NSP 9.2?

The official BUG is my secondary NSM server randomly spiking to 100% CPU utilization by process Java.exe and remaining there until the NSM services are manually stopped. This is not affecting my primary, so all that is lost in the redundancy/High Availability.

The Not-yet-considered-bug is my primary NSM server's dashboards showing either blank or outfated inforamtion. It is believed to be a problem with the Solr database. Still being investigated by Support.

Luckily, none of these prevent the IPS sensors from doing their jobs, so security is not impaired in my environment.

kylekat
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 15 of 18

Re: Anyone is using NSP 9.2?

Just to wrap this up, Mcafee Support is strongly recommending customers to stay on Main Release 9.1 unless strictly necessary for one of the new features released on 9.2

Both my issues are official bugs now.

I wish I had known earlier about this recommendation, but since I so not want to downgrade all my infrastructure all over again, im going to have to hang on to it.

dotax
Level 9
Report Inappropriate Content
Message 16 of 18

Re: Anyone is using NSP 9.2?

Hi Kylekat, 

It seems that 9.2 has outbound SSL decryption features, did you happended to evaluate this feature?

kylekat
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 17 of 18

Re: Anyone is using NSP 9.2?

I have not.

tonyssbear
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 18 of 18

Re: Anyone is using NSP 9.2?

A memory high false alert is coming by 9.2 version

Support suggest to down grade to main release 9.1

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community