Cisco Cisco Firepower Management Center 4000 Release Notes

Version 5.2.0.6

Sourcefire 3D System Release Notes

Features Introduced in Previous Versions

•

In an access control policy, the system processes certain Trust rules before

the policy’s Security Intelligence blacklist. Trust rules placed before either

the first Monitor rule or before a rule with an application, URL, user, or

geolocation-based network condition are processed before the blacklist.

That is, Trust rules that are near the top of an access control policy (rules

with a low number) or that are used in a simple policy allow traffic that

should have been blacklisted to pass uninspected instead. (138743, 139017)

Features Introduced in Previous Versions

Functionality described in previous versions may be superseded by other new

functionality or updated through resolved issues.

5.2.x.x

No new features were introduced in Versions 5.2.0.1, 5.2.0.2, 5.2.0.3, 5.2.0.4, or

5.2.0.5.

5.2

The following new features and functionality were introduced in Version 5.2:

Advanced Malware Protection

Version 5.2 adds two new features to enhance the malware protection

capabilities of the Sourcefire 3D System: malware blocking and network file

trajectory.

Malware Blocking

The Sourcefire 3D System network-based advanced malware detection

capabilities added in Version 5.1.1 identifies individual files as they enter your

network, creates a fingerprint of each file, checks the fingerprint against the

Sourcefire cloud to determine the disposition of the file, and alerts you to files

identified as malware.
With the addition of malware blocking in Version 5.2, the Sourcefire 3D System

now provides advanced malware protection (AMP). You can now configure file

policies to block transfer of known malware files.
Based on the disposition of each detected file and the rules you set in your file

policies, the Defense Center instructs a managed device either to block the file or

to allow its upload or download. To improve performance, if the system already