Cisco Cisco Firepower Management Center 2000
19
FireSIGHT System Release Notes
Resolved Issues
If you are updating a stacked pair, selecting one member of the pair automatically selects the other. You must update members of a
stacked pair together.
stacked pair together.
8.
Click Install. Confirm that you want to install the update and reboot the devices.
9.
The update process begins. You can monitor the update's progress in the Defense Center’s task queue (System > Monitoring > Task
Status).
Status).
Note that managed devices may reboot twice during the update; this is expected behavior.
Caution:
If you encounter issues with the update (for example, if the task queue indicates that the update has failed or if a manual
refresh of the task queue shows no progress for several minutes), do not restart the update. Instead, contact Support.
10.
Select Devices > Device Management and confirm that the devices you updated have the correct software version: Version 5.4.0.9 or
Version 5.4.1.8.
Version 5.4.1.8.
11.
Verify that the appliances in your deployment are successfully communicating and that there are no issues reported by the health
monitor.
monitor.
12.
Reapply device configurations to all managed devices.
Tip:
To reactivate a grayed-out Apply button, edit any interface in the device configuration, then click Save without making changes.
13.
Reapply access control policies to all managed devices.
Caution:
When you apply an access control policy, resource demands may result in a small number of packets dropping without
inspection. Additionally, applying some configurations requires the Snort process to restart, which interrupts traffic inspection.
Whether traffic drops during the interruption or passes without further inspection depends on the model of the managed device and
how it handles traffic.For more information, see the Configurations that Restart the Snort Process section in the FireSIGHT System
User Guide.
Whether traffic drops during the interruption or passes without further inspection depends on the model of the managed device and
how it handles traffic.For more information, see the Configurations that Restart the Snort Process section in the FireSIGHT System
User Guide.
14.
If a patch for Version 5.4.0.9 or Version 5.4.1.8 is available on the Support site, apply the latest patch as described in the FireSIGHT
System Release Notes for that version.
System Release Notes for that version.
You must update to the latest patch to take advantage of the latest enhancements and security fixes.
Resolved Issues
You can track defects resolved in this release using the Cisco Bug Search Tool (
https://tools.cisco.com/bugsearch/
). A Cisco account is
required. To view defects addressed in older versions, refer to the legacy caveat tracking system.
Issues Resolved in Version 5.4.0.9 and Version 5.4.1.8:
Resolved an issue where, if you enabled the use of a proxy on your Defense Center and Create FireAMP Connection on the AMP
Management page (AMP> AMP Management), the system did not include Private Cloud in the Cloud Name drop-down list.
(CSCuu16374)
Management page (AMP> AMP Management), the system did not include Private Cloud in the Cloud Name drop-down list.
(CSCuu16374)
Resolved an issue where, if you created an LDAP object in the Microsoft Active Directory and added the LDAP object to a user policy,
then moved the LDAP object, the Defense Center could not locate the LDAP object. (CSCuu95350)
then moved the LDAP object, the Defense Center could not locate the LDAP object. (CSCuu95350)
Resolved an issue where, if you attempted to delete a security zone from the Security Zones page (Objects > Object Management >
Security Zones) referenced in the applied access control policy of an ASA 5500-X Series device, the system did not save the changes
and did not delete the security zone. (CSCuv40232)
Security Zones) referenced in the applied access control policy of an ASA 5500-X Series device, the system did not save the changes
and did not delete the security zone. (CSCuv40232)
Resolved an issue where, if you applied a policy that includes a rule with security zone conditions and then compared policies, the
policy comparison generated differences even when there were none. (CSCuv76157)
policy comparison generated differences even when there were none. (CSCuv76157)
Resolved an issue where, if you manually configured the time to a future time or date while deploying configuration and then deployed
another configuration with the current time or date to the same appliance, the device did not save the second configuration when it
should have. (CSCuw01691)
another configuration with the current time or date to the same appliance, the device did not save the second configuration when it
should have. (CSCuw01691)