|Applies To||RSA Product Set: Security Analytics|
RSA Product/Service Type: Security Analytics Server (jettysrv)
RSA Version/Condition: 10.4.0.0, 10.4.0.1, 10.4.0.2
Platform: CentOS 6
|Issue||In situations where the Security Analytics UI must traverse a firewall, or when AD external authentication is in use for UI login, the SA UI appears to becomes unresponsive, and only restarting the jetty webserver alleviates the issue. The issue is most frequently noticed when performing system intensive administration functions, such as pushing rules across devices when using external authentication (AD accounts).|
|Cause||In certain instances, particularly when the SA server is traversing a firewall to reach another component appliance, the SA server will not attempt to reestablish a connection when the connection has been temporarily lost or has reached an idle timeout value (such as those set by a firewall). This has been determined as a product deficiency, and subsequently binary relief has been issued by RSA to mitigate the problem.|
This issue only occurs in Security Analytics versions 10.4.0.0, 10.4.0.1 and 10.0.4.2. Hotfixes are available for versions 10.0.4.1 and 10.0.4.2.
|Workaround||If you are unable to patch Jetty, stopping and starting the jettysrv service on the SA server will resolve the issue until binary relief can be applied.|