Just discovered that when Nessus scans our servers, it compromises the redundancy. JVM hangs. The Backup cannot ping the primary, and the backup tries to become primary. Disconnect, reconnect, restart, etc. in the logs. This was exposed when some transaction groups triggered when they should not have. Anyone else have any experience with this and what have you done to rectify it? thanks.
The full version of Ignition you are using is likely relevant.
thank you. We are at 7.9.17. See the response from fellow IA employee Joe R below:
Joe Rosenkrans (Inductive Automation)
Aug 11, 2021, 6:23 AM PDT
Anything that interrupts websockets or access to our file structure can cause the JVM to hang. This is the fault of the vulnerability scanner interrupting that communication, I would exclude the Ignition websockets from your scans 8060/8750(default) and make sure that the scanner does not scan the file structure of the install directory of either platform. Default installation location is program files/inductive automation.
Huh. Well, I disagree with part of that statement. If you mess around on the file system then sure, that can be disruptive. But you shouldn’t be able to significantly disrupt the gateway over the network.