Failover SXL lookups to Smart Filter Cache
SXL lookups regularly fail due to issues with the the Sophos service, the virtual host the service is running on or simply just networking issues local to the UTM.
As the technology already exists to use an offline file then why not simply have an SXL fail over to the local categories. For example, if there was no response to an SXL lookup in 15 seconds failover to the local cache for the next 5 min.
This way there should never be any downtime in the service which either leaves a customer unable to browse the web or allows a big hole in security where anyone can access any site.
Hanspeter Holzer commented
After updating to 9.3 with pure SXL we are getting a lot of problems with the current lookup logic. Every time the SXL Servers can't be reached, ALL sites go into "uncategorized" - which is absolutely unacceptable. Blocking "uncategorized" is no solution either, because that would mean complete blocking every-time SXL fails.
Why is there no possibilty for a local cache, on appliances with 8+ GB RAM?
Or at least an automated failover to a locally cached DB?
Everything would be better than the current system.