Universal Policy Enforcement (UPE) Issue Impacting Malware Scanning in Cloud SWG


We have monitored the service for stability and this incident shall now be closed.


We have implemented a fix. We will now monitor the service for stability and provide updates as soon as new information becomes available.


We are aware of an issue that affects a small number of UPE customers that meet the following criteria:

  • The reference proxy is running SGOS 7.x, and
  • Content Analysis policy is managed using the legacy Java-based VPM in Management Center OR is managed using CPL layers within Java-based or web-based VPM in Management Center

When these conditions are true, malware scanning in Cloud SWG will not properly execute, resulting in false negatives. Other filtering policies, including those that block malicious sites based on category, are not impacted.

We have identified the root cause as a cloud service-side problem, and we anticipate remediation within the next several hours. A follow-up communication will be sent as soon as the patch has been applied to the production environment. A full root cause analysis will be subsequently made available by 5pm US Pacific Time on Friday, December 16, 2022.

Please note that the remediation steps currently being implemented target affected customers only. Therefore, if your on-prem reference device is still ProxySG 6.x, please contact support before upgrading.

All other aspects of our services remain functional. We will provide additional updates as new information becomes available.

Began at:

Affected components