Force a full Content Filter Database Download on the Edge SWG (Proxy SG) or Advanced Secure Gateway
search cancel

Force a full Content Filter Database Download on the Edge SWG (Proxy SG) or Advanced Secure Gateway

book

Article ID: 166118

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

You want to force a full Blue Coat Web Filter (BCWF) content filter database download on the Edge SWG (Proxy SG) or Advanced Secure Gateway (ASG) appliance.

Resolution

This article is broken into three sections.
Section one explains how to purge and download the BCWF database.
Section two explains how to purge and download the Application Classification database.
Section three explains how to purge and download the Threat Risk database.

Note: It is not necessary to complete all sections.  Only follow the applicable section for the issue you are addressing on the ProxySG or ASG. 

To force a full download of the Blue Coat Web Filter (BCWF) content filter database

  • Ensure access to the command line interface (CLI) either through the serial port console, an SSH connection, or telnet connection. 
  • Obtain the appliance's enable password.
  • (SGOS 6.6.x and later) Disable Application Classification service if it is enabled.

Important: Force the full update only as directed by Symantec Support. Perform the update during off hours to have minimal effect on users.

  1. Disable Blue Coat as a content provider

    ProxySG#config t
    Enter configuration commands, one per line. End with CTRL-Z.
    ProxySG#(config)content-filter
    ProxySG#(config content-filter)provider bluecoat disable
      ok

     
  2. (SGOS 6.6.x and later) Disable Application Classification

    ProxySG#(config)application-classification
    ProxySG#(config application-classification)disable
      ok
  3. Purge the previous database and download a new one

ProxySG#(config content-filter)bluecoat
ProxySG#(config bluecoat)purge
  ok
ProxySG#(config bluecoat)download get-now
This may take a few minutes. Please wait...
loading database....................................................................
....................................................................................
....................................................................................
....................................................................

Download log:
  Blue Coat download at: 2009/05/29 10:42:26 -0600
  Downloading from http://list.bluecoat.com/bcwf/activity/download/bcwf.db
  Download size:      187584768
  Database date:      Fri, 29 May 2009 16:05:28 UTC
  Database expires:   Sun, 28 Jun 2009 16:05:28 UTC
  Database version:   291490400
  Database format:    1.1
  ok

ProxySG#(config bluecoat)exit
ProxySG#(config content-filter)provider bluecoat enable
loading database...
  ok

 

Note: If you have filtering enabled for ProxyClient or Unified Agent, you must disable it before running the purge command; otherwise, the command fails.

To force a full download of the Application Classification database

  1. (SGOS 6.6.x and later) Disable Application Classification

    ProxySG#(config)application-classification
    ProxySG#(config application-classification)disable
      ok

     
  2. Purge the previous database and download a new one

    ProxySG#(config application-classification)purge
      ok
    ProxySG#(config application-classification)download get-now
    This may take a few minutes. Please wait...
    loading database....................................................................
    ​....................................................................................

     
  3. Re-enable application classification

    ProxySG#(config)application-classification
    ProxySG#(config application-classification)enable
      ok

To force a full download of the Threat Protection database.

  1. Disable Threat Risk lookup.

    ProxySG#(config)threat risk
    ProxySG#(config threat-risk)disable
        ok
  2. Purge the previous downloaded database and download a new one.  The "purge" command does not show any help but will work.

    ProxySG#(config threat-risk)purge
       ok
  3. Download complete database

    ProxySG#(config threat-risk)download get-now
    This may take a few minutes. Please wait ...
    Downloading database ........................................................................
    ..............................................................................................................

    Note: This may take some time to download so should be done after hours to minimize impact to users.

  4. Re-enable Threat Protection

    ProxySG#(config)threat-risk
    ProxySG#(config threat-risk)enable
      ok

Additional Information

Purging and forcing a full download of content filter database should also address errors (sample below) that may happen after switching from BCWF to IS (Intelligence Services) .

ERROR: 1024:843 - Unable to read Copy Byte Data
  % Error : Should have at least processed something! {db-version} - {db-version}.cat