Check the Control Center App DB version under Control Center -> Settings -> System -> Application Signature Updates. The 'Installed signature version' will let you know which app db version CC has. Compare this to the firewall's application version ('cf appdb v' on the command-line or under Maintenance -> Updates in the GUI). If the versions differ, force the CC to download the latest db.
To Download the latest Appdb signature within CC:
1. Login in CC client
2. Click Control Center Tab
3. Click/Open Settings Node in the left
4. Double Click System
5. On the popup "System Setting" screen Click Application Signature Updates Tab
6. Click Download Now
7. It will pop up a message saying "Application Signatures download job started". Click Ok
8. Click the Ok Button on "System Setting" screen
Now try a validate against that firewall.
Thanks Sam, we also have Ryan on the phone responding to our ticket. The CC AppDB version is 3.295 and the Firewall version is 3.101, we are going to get the app db updated and then test.
However, in my pilot upgrade they have the same differing versions and the validation worked, however the production has additional objects so maybe one of those apps have been updated. We'll confirm results.
We manually downloaded the newest database version using McAfee KnowledgeBase - Firewall Enterprise: How to manually download IPS, anti-virus, AppPrism signature, Geolocation, a… , and installed on the firewall from the command line, the only thing we noticed that the KB doesn't cover, is that to install the file the file type needs to be Admin:file, so if you copy to a folder like /home(as the KB suggests) you have to escalate the type, or just copy to an escalated location like /var/log and it will inherit from the directory.
We identified the application using the ID 4100e000 as TACACS+, which did not exist as that id in the previous version 3.101.