04-21-2022 03:01 AM
We have an issue that we have logged a PA TAC case but wanted to stick out a forum post to see if others are having this issue.
It seems when the machine upgrades Sophos from 2.20.11 to 2.20.13, we get the following message:
"Your AntiVirus is not updated". HIP checks then fail. The only thing changed is the version of Sophos, but the HIP checks don't care about versions, or arent meant to care about versions.
This issue is happening on multiple portals deployed, all running different versions of PAN-OS. 9.0.3-h3, 9.1.7 and 10.1.3
04-28-2022 06:21 AM - edited 04-28-2022 06:23 AM
We've had the same issue running 9.1.12-h3, we've deployed a work around but could really do with a fix. The work around we've implemented is stop checking for virus definitions within a specific period which is less than ideal.
04-28-2022 06:26 AM
Uninstall and Reinstall stopped working.
When sophos is reinstalled it is at version 2.20.11, this version works but due to automatic updates enabled, it upgrades it self to 2.20.13 and this version breaks HIP checks..
Hope there will be a fix soon...
04-29-2022 06:22 AM
I logged a ticket with Sophos. Their position is that PA would have to make changes.
"Sophos is on Sting 2.0 version which is Core Agent 2.20.13 and SAV is merged into SED
Your vendor's VPN is unable to detect SED, We would recommend to contact their support so, they can make changes from their end to work with new Sophos updates. "
and referred to this page: https://support.sophos.com/support/s/article/KB-000043550?language=en_US
05-18-2022 09:19 AM
Hey @VAsupport ! We're currently working with both Sophos and OPSWAT's Engineering Teams to resolve this issue. If you're encountering the issue, please feel free to open a Support case for us to track alongside the others and we'll post any updates and/or resolution immediately once they become available!
06-16-2022 08:20 AM
On the TAC case we opened Palo confirmed that they got a new SDK from Opsswat which can detect new version of Sophos. TAC thinks that this new version will be included in the next GP version release but have no confirmation yet.
06-17-2022 01:30 AM
Hi bud
We have the same issue.
Can you please supply me with a bug ID ?
Thanks
09-08-2022 11:02 AM
Was this ever fixed? I'm having the same issue with a contractor. I've tried 5.x and now 6.x and neither worked.
09-13-2022 02:24 PM - edited 09-13-2022 02:24 PM
Now that nearly 3 months has passed since the last update, I thought I'd check and see if anybody found a resolution to this issue?
We experienced it today for the first time, as we just switched to Sophos Intercept X but haven't made an update to the Palo Alto firewalls.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
