Cisco Cisco Firepower Management Center 2000
6
FireSIGHT System Release Notes
Version 5.3.1.3
Before You Begin: Important Update and Compatibility Notes
If a previously undetected file matches a file rule with a Malware Cloud Lookup action, the system
generates file events but requires additional time to perform a cloud lookup and return a disposition.
Due to this delay, the system cannot store files matching a file rule with a Malware Cloud Lookup
action until the second time they are seen on your network. (143973/CSCze95101,
144180/CSCze94566)
generates file events but requires additional time to perform a cloud lookup and return a disposition.
Due to this delay, the system cannot store files matching a file rule with a Malware Cloud Lookup
action until the second time they are seen on your network. (143973/CSCze95101,
144180/CSCze94566)
•
The FireSIGHT System User Guide does not reflect that you can now choose whether to inspect
traffic during policy apply. Inspecting traffic during policy apply on a heavily loaded system may
have an impact on network throughput and latency. If this side effect is not ideal for your network
setup and connectivity is more important than inspection unchecking this box will disable inspection
temporarily during policy apply and ensure that no packets are dropped during the procedure. After
policy apply is successful inspection will resume as normal. (144574/CSCze95159)
traffic during policy apply. Inspecting traffic during policy apply on a heavily loaded system may
have an impact on network throughput and latency. If this side effect is not ideal for your network
setup and connectivity is more important than inspection unchecking this box will disable inspection
temporarily during policy apply and ensure that no packets are dropped during the procedure. After
policy apply is successful inspection will resume as normal. (144574/CSCze95159)
•
The FireSIGHT System User Guide incorrectly refers to the 5.3.1 STIG release notes. The STIG
release notes for Version 5.3 should also be used for Version 5.3.1. Contact Support for the 5.3 STIG
release notes. (CSCur79089)
release notes for Version 5.3 should also be used for Version 5.3.1. Contact Support for the 5.3 STIG
release notes. (CSCur79089)
•
The FireSIGHT System Virtual Installation Guide incorrectly states the following about logging in
to a virtual device at the VMware console using admin as the username and the new admin account
password specified in the deployment setup wizard:
to a virtual device at the VMware console using admin as the username and the new admin account
password specified in the deployment setup wizard:
If you did not change the password using
the wizard or you are deploying with a ESXi OVF template, use Cisco as the password.
The documentation should state that if you did not change the password using the wizard or you are
deploying with a ESXi OVF template, use Sourcefire as the password. (CSCut77002)
deploying with a ESXi OVF template, use Sourcefire as the password. (CSCut77002)
Before You Begin: Important Update and Compatibility Notes
Before you begin the update process for Version 5.3.1.3, you should familiarize yourself with the
behavior of the system during the update process, as well as with any compatibility issues or required
pre- or post-update configuration changes.
behavior of the system during the update process, as well as with any compatibility issues or required
pre- or post-update configuration changes.
Caution
Cisco strongly recommends you perform the update in a maintenance window or at a time when the
interruption will have the least impact on your deployment.
interruption will have the least impact on your deployment.
For more information, see the following sections:
•
•
•
•
•
•
Configuration and Event Backup Guidelines
Before you begin the update, Cisco strongly recommends that you delete or move any backup files that
reside on your appliance, then back up current event and configuration data to an external location.
reside on your appliance, then back up current event and configuration data to an external location.
Before you begin the update, Cisco strongly recommends that you back up current event and
configuration data to an external location. This data is not backed up as part of the update process.
configuration data to an external location. This data is not backed up as part of the update process.