*URGENT* *NEW* Managed Releases for all Cisco Firepower Codes! “SI & Smart License Issues are Symptoms to look for - March 5th brings Failed Cert”
Have you seen an error similar to this on Firepower yesterday or today? It’s not you: there is a cert error affecting all of Cisco’s Security Intelligence and Smart Licensing, along with other defects. However, this is ONLY the symptom of a larger issue to come!
Cisco released the bug info here: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa70008
Symptom: The self-signed Sourcefire VRT certificate used for Talos Security Intelligence updates and ClamAV updates is being decommissioned and will not be renewed. Due to this change, Cisco Talos Security Intelligence and ClamAV signature updates will fail after March 5, 2022.
If you’re seeing symptoms of Smart Licensing and/or Security Intelligence issues, you need to install the new code before 3/5.
Symptoms: “SI and Smart Licensing errors”, with worse problems in the background that you can’t see yet.
Fix: “Install new Managed Release”. When, though? Over the next week or two.
Here is the Bug ID covering the big problems, which is now customer-visible: CSCwa70008
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa70008
Release Version | Fixed Version |
---|---|
Firepower 6.1.x | Migrate to a fixed release (why are you on 6.1? go to 7.1) |
Firepower 6.2.x | Firepower 6.2.3.18 or later (go to 7.1 if you have FTD) |
Firepower 6.3.x | Migrate to a fixed release (go to 7.1) |
Firepower 6.4.x | Firepower 6.4.0.13 or later (go to 7.1) |
Firepower 6.5.x | Migrate to a fixed release (go to 7.1) |
Firepower 6.6.x | Firepower 6.6.5 or later (6.6 must have two patches installed!) (go to 7.1 if possible) |
Firepower 6.7.x | Firepower 6.7.0.3 or later (go to 7.1) |
Download and install the newly released code to solve these issues before 3/5.
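To triage a device inventory against the table above, the sketch below classifies each reported version as fixed, needing a patch, needing migration, or not listed. It is an added example, not Cisco's or the author's code; the inventory, the hostnames and the hyphenated build-suffix format are assumptions.

```python
import re

# Minimum fixed release per train, transcribed from the table above.
# None means the table lists no fix for that train ("Migrate to a fixed release").
FIXED = {
    "6.1": None,
    "6.2": "6.2.3.18",
    "6.3": None,
    "6.4": "6.4.0.13",
    "6.5": None,
    "6.6": "6.6.5",
    "6.7": "6.7.0.3",
}

def parse_version(text):
    """Parse '6.4.0.12' or '6.4.0.12-112' (assumed build suffix, ignored) into a 4-tuple."""
    m = re.fullmatch(r"\s*(\d+(?:\.\d+){1,3})(?:-\d+)?\s*", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (4 - len(parts)))  # pad so 6.6.5 compares as 6.6.5.0

def triage(version_text):
    """Return (status, detail) for one device's reported software version."""
    ver = parse_version(version_text)
    train = f"{ver[0]}.{ver[1]}"
    if train not in FIXED:
        return ("not-listed", f"{train}.x is not in the table; check CSCwa70008")
    if FIXED[train] is None:
        return ("migrate", f"{train}.x has no fixed release; migrate")
    if ver >= parse_version(FIXED[train]):
        return ("fixed", f"at or above {FIXED[train]}")
    return ("patch", f"install {FIXED[train]} or later")

# Constructed inventory: hostnames and versions are made up for illustration.
INVENTORY = {
    "ftd-edge-01": "6.4.0.12-112",
    "ftd-edge-02": "6.4.0.13",
    "ftd-dc-01": "6.6.5",
    "ftd-lab-01": "6.5.0.4",
    "fmc-01": "6.2.3.17",
    "ftd-new-01": "7.1.0",
}

if __name__ == "__main__":
    for host, ver in sorted(INVENTORY.items()):
        status, detail = triage(ver)
        print(f"{host:12} {ver:14} {status:11} {detail}")
```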
Thanks Todd, your support is always appreciated.
You bet, Brian!
I’m in a Firepower Webex group that opened a TAC case and TAC said 6.6.5 is actually affected and the fix is in 6.6.5.2 which is slated for March 9th…. 4 days after the expiration?
Oh wow, I didn’t hear that. TAC could be wrong, but maybe not. Let me check on this.
The TAC engineer doesn’t have all the info. There will be a hotfix for 6.6.5 to address the SI issue because the patch won’t be out in time, so just look for that hot fix coming out soon
Would you recommend going to 7.1 for production or wait for a hotfix for 6.6.5?
Yes, but I need to stop short of telling you to do it in case your upgrade fails, etc :)
Assuming all goes well, which it usually does, 7.1 is superior to all previous codes by far
Good luck!
Todd Lammle