There are several informational articles on this issue in the KB, such as FAQ1769 or KB4780. However, if the antivirus file update fails during v220.127.116.11. or later from AVOS V3.2, please refer to page 7 on the AVOS 18.104.22.168 release notes.
- The client is unable to update the antivirus pattern files and/or unable to perform a full update manually.
The AlertLogFiles on the ProxyAV displays the folowing message:
Antivirus Update failed:
Could not get antivirus engine update location.
ProxyAV (22.214.171.124(57826)) - http://www.BlueCoat.com/
=========================================;CHARSET=;SUBJECT=Antivirus Update status;TARGET=%TARGET;
- The InternalInfo.log displays the following failure messages:
2011-01-01 00:00:00+09:00JST AV Updater: start checking AV update...
2011-01-01 00:00:00+09:00JST AV Updater: can't found location in file **************
2011-01-01 00:00:00+09:00JST AV Updater: "get location" state, failed to parse location file.
- The ProxyAV configures an antivirus file update through a ProxySG appliance running SGOS v5.4.4, v5.5.3 or earlier software version.
- The Protocol Detection feature is enabled on the ProxySG appliance.
Cause of the issue
- In AVOS 126.96.36.199 or higher, the security vulnerability CVE-2009-3555, was fixed. The ProxyAV can not communicate with the download server through the ProxySG appliance because of the antivirus file update. See SA44 for more details.
a. Upgrade to the latest general availability (GA) versions of SGOS 5.4.x and 5.5.x.
Note: If using BCAAA, upgrade that version as well to ensure compatibility.
b. On the ProxySG appliance, disable SSL protocol detection. Enter the following Content Policy Language (CPL):
url.host=av-download.bluecoat.com http.method=CONNECT detect_protocol.ssl(no)