RSA has identified a potential issue that affects a subset of the appliances shipped between September 2014 through January 2015. The issue has been traced to specific manufacturing lots of SD Cards that sometimes appear to have failed.
How do I know if I am affected?
Customers who have appliances shipped between these dates may contain SD cards from these manufacturing lots. RSA has developed a custom IPMI tool that can be used to check if appliances contain the affected cards. Please see KB article 000030306 https://rsaportal.force.com/customer/articles/How_To/Using-the-IPMITOOL-Script-to-check-and-identify-SD-cards-in-an-RSA-Security-Analytics-S4S-Appliance for details.
What should I do if I find an appliance that has the affected cards?
For customer systems containing the affected SD cards, there are two possible paths to resolution:
If running version 10.4.0.2 or above, the appliance can be reimaged with a version of Security Analytics that moves the operating system from the SD card to the hard drives and eliminates the risk. Please see Knowledge Base article 000029977 https://rsaportal.force.com/customer/articles/How_To/SA-10-4-0-2B-instructions-for-build-sticking-an-appliance for build stick reimaging instructions.
Customers running versions lower than SA 10.4.0.2 may eliminate risk by replacing the SD cards in any affected appliance. Please see KB article 000030298 https://rsaportal.force.com/customer/articles/How_To/Replacing-SD-Cards-in-RSA-Security-Analytics-Series-4S-Appliances for SD card replacement.
For further information please contact Customer Support.