search cancel

User policy conditions don’t match after upgrade to when using Web VPM


Article ID: 173557


Updated On:


Advanced Secure Gateway Software - ASG ProxySG Software - SGOS


Advanced Secure Gateway (ASG) version,  ProxySG  version, and Reverse Proxy (RP) version have been removed from general availability on the customer download site but is available upon request in Limited Availability (LA).  SGOS Release contained an issue in the Web Visual Policy Manager (Web VPM)  that could result in changes to the installed policy with no warning displayed.

The new Web VPM should NOT be used in ASG/SG/RP If it has already been used, Symantec recommends that proxy administrators verify their existing policy and then download ASG/SG/RP version which contains a fix for this issue.



In SGOS, a defect in the code causes a problem where user objects created or reinstalled using the Web VPM get changed to group objects. This causes the rule referencing such objects to not match during evaluation. For example, a rule referencing such an object that is configured to deny access to a web site will allow access after using the Web VPM. This issue is identified as bug SG-8612.


Upgrading to SG/ASG/RP will fix the issue by correcting the erroneous policy.