ATP Series - signature Update not always working?

Mario · August 2022

Hi

I discovered by accident that the signature update on ATP firewalls works very unreliably.

ATP200 with 5.31

Image: https://us.v-cdn.net/6029482/uploads/editor/xe/vkv7l3nrq3po.png

ATP200 with 5.30 (AV is from 2022-07-16 -> more then one MONTH!)

Image: https://us.v-cdn.net/6029482/uploads/editor/sk/jnzii2knit83.png

on two other Firewalls (ATP200 & ATP500) I did a manual serach for the update, then I have real up-to-date signatures

Image: https://us.v-cdn.net/6029482/uploads/editor/u5/ibzfk5nz0evn.png

Can anyone please post the status of his devices?

Thanks

Mario

AndreaC · August 2022

I have the same problem on most of the devices updated to version 5.31.

@Mario you say it is a bug, I have not found information about that.
Can anyone confirm?

mMontana · August 2022

For what it's worth... Lab firmware 5.31 Patch0 WK31 (no pun intended) has been released which fixes some of the issues. Lab firmwares for the various ZLD 5.x devices can be found here.

https://support.zyxel.eu/hc/en-us/articles/360005438274-Weekly-Firmware-Support-Version-Lab-Version

Devices are dual firmware capable, so maybe for someone upgrade to the latest firmware (the running one or the backup one) might be worth the shot.

If you wish, wait for Zyxel representatives for confirmation about the reliability of the url provided by me.

I'm using 4.72 WK28 for some devices of my customers, due to the recent vulnerability disclosure.

Zyxel_Kevin · August 2022

Hi @Mario, @AndreasC ,
Could you kindly install the latest weekly firmware ? The weekly have fixed the issue.
https://support.zyxel.eu/hc/en-us/articles/360005438274-Weekly-Firmware-Support-Version-Lab-Version
Thank you
Kevin

Mario · August 2022

Hi Kevin

I still have problems with FW V5.31(ABFU.0)ITS-22WK31-r104914 on an ATP500.

See the screenshot from today, signature is from 2022-08-21 and the last check was 2022-08-23 12:51

Image: https://us.v-cdn.net/6029482/uploads/editor/2c/m1lflea9wc76.png

After forcing an update I got a new signature from 2022-08-22!

I created a ticket for this issue.

Image: https://us.v-cdn.net/6029482/uploads/editor/fe/ix9jgjff78z7.png

AndreaC · August 2022

i have the same issue described by mario on ATP200 and on all features. The manual update, updates the definitions correctly, while the scheduled update does not update anything

Zyxel_Kevin · August 2022

Hi @Mario , @AndreasC,
Please kindly find the Inbox.
I have provided Date Firmware, Please confirm if the problem still exists.
Thank you
Kevin

Mario · August 2022

@Zyxel_Kevin thanks for the firmware. Installed on 3 device last night, now I keep an eye on it.

AndreaC · December 2022

@Zyxel_KevinAfter upgrading an ATP200 from firmware V5.31(ABFW.0)ITS-22WK31 to V5.32(ABFW.0), the antimalware definitions do not update and are stuck on 11/11/2022

Image: https://us.v-cdn.net/6029482/uploads/editor/zi/vijh0fwg3rxz.jpg

How can i solve this issue?

Zyxel_Kevin · December 2022

Hi @AndreaC,
Please kindly provide the remote GUI access by private message.
Please see inbox , you can restrict those ip addresses .
Thank you
Kevin

AndreaC · December 2022

Hi @Zyxel_Kevin today i try one more time manual update as i did yesterday, and Antimalware signature updated to 2.1.1.20221219.0 but Threat Intelligence Machine Learning still at 1.0.0.20221111.0
I've also noted that other ATP with 5.32 installed does not update antimalware definition, until i manually update.

ATP Series - signature Update not always working?

All Replies

Categories

Security Highlight

Security Help Center