Cisco Cisco Firepower Management Center 2000

Version 5.2.0.5

Sourcefire 3D System Release Notes

40

Features Introduced in Previous Versions

ICMP Types and Codes in Access Control Rules 

You can now use Internet Control Message Protocol (ICMP) types and codes in 

access control rules, correlation rules, and port objects. You can also now view 

ICMP types and codes for all relevant events in the event viewer.

SSL Application Detection

Version 5.2 adds many new application detectors for applications in SSL traffic, 

allowing you to identify, and optionally block, encrypted application sessions 

based on the common name from the SSL client certificate used in the session. 

URL Blocking based on SSL Common Name

You can now block encrypted application traffic using a URL based on the 

common name in an SSL certificate. 

Updates to API Support

Version 5.2 introduces the ability to request intrusion rule documentation using 

either eStreamer or the database access feature. In addition, several structures 

were updated for new features.

eStreamer and Database Access Updates

Version 5.2 contains several data structures updated for IPv6 address support, 

geolocation changes, changes to support malware blocking, ICMP type and code 

support, and bug fixes. For more information, see the Sourcefire 3D System 

eStreamer Integration Guide and Sourcefire 3D System Database Access Guide 

for Version 5.2.

Extended Rule Documentation 

You can now request intrusion rule documentation using eStreamer. You can also 

use the database access feature to query intrusion rule documentation.