THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
Affected Software Product | Affected Release | Affected Release Number | Comments |
---|---|---|---|
AsyncOS for WSA | 11 | 11.8.0, 11.8.1, 11.8.1-023, 11.8.3, 11.8.4, 11.8.4-004 | |
AsyncOS for WSA | 12 | 12.0.1, 12.0.1 GD, 12.0.1 GD-334, 12.0.1-268, 12.0.3, 12.0.3-005, 12.0.3-007, 12.0.4, 12.0.4-002, 12.0.5-011, 12.5.1, 12.5.1 GD, 12.5.1 GD-043, 12.5.1-011, 12.5.2, 12.5.2-007, 12.5.2-011, 12.5.3, 12.5.3-002, 12.5.4-005, 12.5.4-011, 12.5.5-004, 12.5.5-005, 12.5.5-008, 12.5.6-008 | |
AsyncOS for WSA | 14 | 14.0.1 GD, 14.0.1 GD-053, 14.0.1 GD-503, 14.0.2, 14.0.3-014, 14.5.0(GD)-537, 14.5.0(GD)-673, 14.5.0-498, 14.5.1 MD-008, 14.5.1-008, 14.5.1MD-016, 14.5.2-011 | |
AsyncOS for WSA | 15 | 15.0.0-322, 15.0.0-355, 15.1.0-287, 15.2.0-116 |
Defect ID | Headline |
CSCwk66804 | Impact on SWA (disk space) if GTA/CTA configuration enabled after GTA/CTA EoS |
Cisco Cognitive Threat Analytics will reach end of service on August 1, 2024. As a result, Cisco Secure Web Appliances with a Cisco Cognitive Threat Analytics subscription that has a W3C Logs subscription with the SCP on Remote Server option enabled will no longer be able to push SCP logs to etr.cloudsec.sco.cisco.com.
When an SCP log push is not successful from the Cisco Secure Web Appliance to the target server, the log files will be stored locally on the Cisco Secure Web Appliance until the SCP host is accessible and the Cisco Secure Web Appliance can push the logs successfully. If the feature/log subscription is not disabled, logs stored locally in the Cisco Secure Web Appliance because of an unsuccessful SCP push will fill up the disk space in the Cisco Secure Web Appliance, resulting in performance degradation.
As of July 31, 2024, Cisco Cognitive Threat Analytics services will no longer work because the product will reach end of service. For more information, see End-of-Service Announcement or the Cisco’s Global Threat Alerts (GTA) Service.
After July 31, 2024, Cisco Security Web Appliances with Cisco Cognitive Threat Analytics settings enabled with a Cisco Cognitive Threat Analytics Subscription will be at risk of filling the disk space.
When the disk space of the data directory exceeds the threshold of 90 percent, the following will happen:
If the issue is not resolved, the following may be observed:
This list is not an exhaustive list of possible impacts.
Solution
To avoid running into disk space issues, do the following from the Cisco Secure Web Appliance web UI:
If issues with disk space continue, open a case with the Cisco Technical Assistance Center (TAC).
Version | Description | Section | Date |
1.0 | Initial Release | — | 2024-AUG-01 |
For further assistance or for more information about this field notice, contact the Cisco Technical Assistance Center (TAC) using one of the following methods:
To receive email updates about Field Notices (reliability and safety issues), Security Advisories (network security issues), and end-of-life announcements for specific Cisco products, set up a profile in My Notifications.
Unleash the Power of TAC's Virtual Assistance