Manualsbrain.com
  1. Manuals
  2. Brands
  3. Cisco
  4. Cisco Firepower Management Center 4000
  5. Release Notes

Cisco Cisco Firepower Management Center 4000 Release Notes

Download
Page of 41
Version 5.2.0.3
Sourcefire 3D System Release Notes
30
Known Issues
In some cases, the system may not log connection events for IPv6-in-IPv4 
traffic if the access control policy contains an access control rule with 
connection event logging enabled and any of the following ports selected: 
IP 0
IP-ENCAP 4
IPv6 41
IPv6-ROUTE 43
IPv6-FRAG 44
GRE 47
ESP 
50
, or 
IPv6-OPTS 60
. (126117, 126746)
In some cases, if you configure a syslog alert response to send connection 
events to the syslog, the system may omit data from the Initiator Country
Responder CountryClient VersionApplication RiskBusiness Relevance
Intrusion EventsFilesTCP FlagsNetBIOS DomainInitiator PacketsResponder 
PacketsInitiator Bytes, or Responder Bytes fields. (127682)
If you configure a traffic profile and a correlation rule to trigger on traffic 
spikes at or above two standard deviations, the system may not generate a 
correlation event. (128107)
In rare cases, the 3D8120, 3D8130, 3D8140, and 3D8250 may experience 
system issues that require you to reboot the appliance. (128689)
If you disable ldap protocol detection in your network discovery policy, the 
Defense Center stops logging user agent login data. (128741)
In some cases, if you schedule an automatic LDAP user data retrieval, you 
cannot perform on-demand user data retrieval and download. (128962)
In rare cases, automatic application bypass (AAB) activates during network 
discovery policy apply. (129230)
Critical Issue
 After completing an event-only backup, the backup process 
enters an unrecoverable state. Do not attempt an event-only backup. As a 
workaround, back up both configurations and events. (129231)
In some cases, if you view reviewed intrusion events and drill down to the 
packet view, there are no visible events and the reviewed constraint is 
removed. (129257)
In rare cases, installing Version 5.2 or later on a 3D6500 managed device 
may cause system issues. (129561)
In some cases, the system incorrectly identified SMTP and generated a 
connection event with missing application information if the SMTP server 
responded with a connection error. (130085)
In rare cases, the system may generate critical health alert emails 
containing indecipherable messages. (130518)
In some cases, the system may incorrectly sort values in the Type column or 
omit names from the Security Zones column on the security zones page in 
the object manager. (130569, 130631, 130632)
In some cases, drilling down in a custom workflow may redirect you to the 
incorrect packet view page for an intrusion event. (130620)
In rare cases, the system mishandles dynamic NAT rules when a preceding 
rule's source network overlaps the source network of the dynamic NAT rule. 
(130765)