Even though an updated license has been applied to the Advanced Secure Gateway, the system is still reporting license expired messages as well as an old date. This is due to the Content Analysis module in Advanced Secure Gateway and Content Analysis appliances perform subscription update checks automatically when a new engine or pattern update is available. If no update is found, the subscription details are not updated.
The subscription expiry date will update only if there is a pattern update to the AV subscription. If there is no pattern update available, the AV Subscription will not update the expiry date and appear as if it will/has expire(d). It will only update to the new expiry date once there is a pattern update pushed to the appliance.
This is a cosmetic issue, even if the AV subscriptions are actually expired on the appliance, Content Analysis and the Content Analysis module in Advanced Secure Gateway will continue to work with the current AV patterns that were valid when the subscription was last valid.
At this time, there are multiple workarounds:
These will force an AV update request to occur.
The ASG will continue processing traffic normally. This issue is purely cosmetic and causes no functional harm. The appliance will still be using the latest published definition updates. The next vendor update will cause the license to reflect the proper date.
If there is no pattern update available, the AV Subscription will not update the expiry date and appear as if it will/has expire(d). It will only update to the new expiry date once there is a pattern update pushed to the appliance.
The AV Subscription isn’t expiring it has just received a false positive due to issue:
The Main thing to indicate the actual licensing status would be the status report of the subscription update check to the subscription server: