Content & Malware Analysis

 View Only
  • 1.  Cylance Patterns Update Failure

    Posted Jun 20, 2020 07:28 AM
    Hi Everyone, I have ASG and also CAS, both of them doesn't update specifically Cylance patterns. Everything else on both appliances are able to update but Cylance. When I checked in the logs, I found the below error when I try to update Cylance "(not authorized)"


    Just wanted to check if anyone else having issue with Cylance pattern updates. Does Symantec still support Cylance updates?

    Thanks

    ------------------------------
    Symantec Enthusiast
    ------------------------------


  • 2.  RE: Cylance Patterns Update Failure

    Posted Jun 27, 2020 04:57 PM
    Can anyone reply to this query? Is Cylance no longer supported?

    ------------------------------
    Symantec Enthusiast
    ------------------------------



  • 3.  RE: Cylance Patterns Update Failure

    Posted Jul 13, 2020 03:44 AM

    Hello

    It is obsolete.

    BR,

    Kostas




  • 4.  RE: Cylance Patterns Update Failure

    Posted Nov 09, 2020 10:55 PM

    Following the acquisition of BlueCoat by Symantec, Cylance was removed as an available offering. To fill this
    demand, Content Analysis added support for Symantec Advanced Machine Learning (Symantec AML). While
    Symantec AML filled the need for a predictive file analysis engine, it introduced the possibility of running a
    non-recommended configuration. Namely, when running Symantec AML and two other non-Symantec AV
    engines Content Analysis running on ASG becomes over-utilized, which can lead to system instability.
    This configuration: running two non-Symantec AV engines and Symantec AML is the functional equivalent of
    running 3 AV engines, which severely reduces performance. This can lead to CAS dropping ICAP connections or
    even killing the Content Analysis System, forcing a perpetual reboot cycle. In some situations, this can even
    affect the ProxySG running on the same ASG appliance.
    Because of the potential impact of this configuration, any ASG appliance running CAS with Symantec AML and
    two other non-Symantec AV engines are in a non-supported configuration and should refer to the following
    section on how to return their appliance to an acceptable configuration
    https://knowledge.broadcom.com/external/article?articleId=195314