Manualsbrain.com
  1. Manuals
  2. Brands
  3. Cisco
  4. Cisco Firepower Management Center 4000
  5. Release Notes

Cisco Cisco Firepower Management Center 4000 Release Notes

Download
Page of 37
Version 5.2.0.1
Sourcefire 3D System Release Notes
35
Features Introduced in Previous Versions
Version 2.1 of the Sourcefire User Agent also now detects logoffs of active 
directory users. When the agent checks a host and discovers that the expected 
user is no longer logged in, the agent generates a logoff for that user. When the 
Defense Center receives the logoff, it unmaps the user from the previously 
associated IP address. 
Access Control
Version 5.2 also adds new functionality in the access control policy: support for 
source ports and ICMP types and codes in port conditions in access control rules 
and support for blocking encrypted application traffic using either application 
conditions or URL conditions.
Source Ports in Access Control Rules 
You can now specify source ports as a condition for access control rules; this 
expands upon the existing capability to specify destination ports. The source 
ports you specify must be TCP or UDP ports.
ICMP Types and Codes in Access Control Rules 
You can now use Internet Control Message Protocol (ICMP) types and codes in 
access control rules, correlation rules, and port objects. You can also now view 
ICMP types and codes for all relevant events in the event viewer.
SSL Application Detection
Version 5.2 adds many new application detectors for applications in SSL traffic, 
allowing you to identify, and optionally block, encrypted application sessions 
based on the common name from the SSL client certificate used in the session. 
URL Blocking based on SSL Common Name
You can now block encrypted application traffic using a URL based on the 
common name in an SSL certificate. 
Updates to API Support
Version 5.2 introduces the ability to request intrusion rule documentation using 
either eStreamer or the database access feature. In addition, several structures 
were updated for new features.
eStreamer and Database Access Updates
Version 5.2 contains several data structures updated for IPv6 address support, 
geolocation changes, changes to support malware blocking, ICMP type and code 
support, and bug fixes. For more information, see the Sourcefire 3D System 
eStreamer Integration Guide and Sourcefire 3D System Database Access Guide 
for Version 5.2.