ScreenOS Firewalls (NOT SRX)
ScreenOS Firewalls (NOT SRX)

extended av on ssg 140

08.28.08   |  
‎08-28-2008 11:59 AM
I tried moving to the extended AV pattern on our SSG 140 and started to get "AV pattern file size too large" messages on the firewall.  'get file info' output is 'There are 98674688 bytes free (120975360 total) on disk "flash:"', which I believe is sufficient for the extended signatures, so what could be causing this?
5 REPLIES
ScreenOS Firewalls (NOT SRX)

Re: extended av on ssg 140

08.28.08   |  
‎08-28-2008 02:43 PM

Hi,

 

What version of code are you running?

 

Regards

 

Andy

JNCIS-FWV
JNCIA-WX
JNCIA-SSL
JNCIA-ER
ScreenOS Firewalls (NOT SRX)

Re: extended av on ssg 140

08.28.08   |  
‎08-28-2008 03:12 PM

6.1R3
 

ScreenOS Firewalls (NOT SRX)

Re: extended av on ssg 140

08.28.08   |  
‎08-28-2008 04:23 PM

Hi,

 

I have just tried it on my SSG20 as getting the same error message. I know the the firewalls used to be limited to a 10mb max for the pattern size and the extended pattern size is about 30mb. So I dont know if you have to do something to allow it to save the 30mb, you would have though it would do that when you set it to Extended mode.

 

Had a look in the message log guide and it recommend opening a TAC case if you get the message. Hope fully one of the other forum people might be able to shed some light.

 

Regards

 

Andy

JNCIS-FWV
JNCIA-WX
JNCIA-SSL
JNCIA-ER
ScreenOS Firewalls (NOT SRX)

Re: extended av on ssg 140

08.28.08   |  
‎08-28-2008 07:34 PM
It's a known Kaspersky issue.  They are going to try to stay within the 30 MB limit, but we'll see how that goes.
ScreenOS Firewalls (NOT SRX)

Re: extended av on ssg 140

08.29.08   |  
‎08-29-2008 12:27 PM

... so what I'm hearing is that I'm better off just setting it down to standard.

 

Thanks!