Skip to content
  • There are no suggestions because the search field is empty.

RSA Security Analytics 10.4 UI sporadically becomes unresponsive

Issue

In situations where the Security Analytics UI must traverse a firewall, or when AD external authentication is in use for UI login, the SA UI appears to becomes unresponsive, and only restarting the jetty webserver alleviates the issue.  The issue is most frequently noticed when performing system intensive administration functions, such as pushing rules across devices when using external authentication (AD accounts).


Cause

In certain instances, particularly when the SA server is traversing a firewall to reach another component appliance, the SA server will not attempt to reestablish a connection when the connection has been temporarily lost or has reached an idle timeout value (such as those set by a firewall). This has been determined as a product deficiency, and subsequently binary relief has been issued by RSA to mitigate the problem.


Workaround

If you are unable to patch Jetty, stopping and starting the jettysrv service on the SA server will resolve the issue until binary relief can be applied.


Resolution

This issue only occurs in Security Analytics versions 10.4.0.0, 10.4.0.1 and 10.0.4.2.  Hotfixes are available for versions 10.0.4.1 and 10.0.4.2.
Future releases of RSA Security Analytics 10.4 will also include this fix.

Patch 3 for SA 10.4.0, which includes the fix, will be available for download from the RSA Download Central portal when it releases in Q4 '14.

To request a hotfix for versions 10.4.0.1 or 10.4.0.2, contact RSA Support at 1-800-995-5095 and refer to this article number.


Product Details

RSA Product Set: Security Analytics
RSA Product/Service Type: Security Analytics Server (jettysrv)
RSA Version/Condition: 10.4.0.0, 10.4.0.1, 10.4.0.2
Platform: CentOS 6

Summary

In situations where the UI must traverse a firewall, or when AD external authentication is in use for Security Analytics UI login, the UI can become unresponsive. Restarting jettysrv works around the problem. The problem is more frequently noticed when performing time intensive activities, such as pushing large feeds across to devices.


Approval Reviewer Queue

Technical approval queue