|Applies To||RSA Product Set: Web Threat Detection|
RSA Product/Service Type: Forensics
RSA Version/Condition: 6.2 - 6.3
|Issue||Customers using WTD versions less than 6.4 will find that the GeoLite database is outdated and does not have accurate information anymore. However, it will no longer update. There is an error "Database Edition Not Found"|
What is the solution to this issue?
|Resolution||WTD has used for years Maxmind.com product GeoLite to provide IP Geolocation. This is version 1 and is a free product(now considered Legacy) that is used in WTD versions up to 6.3|
On January 2, 2019, Maxmind discontinued our GeoLite Legacy databases. This discontinuation was first announced on January 2, 2018.
GeoLite Legacy databases as are used in WTD versions less than 6.4 are no longer available for download. (This is a database with the extension .dat) Attempting to download a GeoLite Legacy database file will result in the error: “Database edition not found”.
Free geolocation data is still available through Maxmind's GeoLite2 databases.<Link>
This <link> takes you to https://dev.maxmind.com/geoip/geoip2/geolite2/
However, this is a database with extension .mmdb which will not work in WTD versions less than 6.4.
What are the options for users with WTD versions < 6.4??
|Notes||Note regarding the difference in the free versus paid geolocation databases|
According to Maxmind on link https://dev.maxmind.com/geoip/geoip2/geolite2/
"GeoLite2 databases are free IP geolocation databases comparable to, but less accurate than, MaxMind’s GeoIP2 databases."