Cisco Cisco Firepower Management Center 4000 Release Notes

Page of 46
Version 5.3.0.5
Sourcefire 3D System Release Notes
1
S
OURCEFIRE
 3D S
YSTEM
R
ELEASE
 N
OTES
Version 5.3.0.5
Original Publication: June 8, 2015
Last Updated: April 25, 2016
These release notes are valid for Version 5.3.0.5 of the Sourcefire 3D System. 
Even if you are familiar with the update process, make sure you thoroughly read 
and understand these release notes, which describe supported platforms, new 
and changed features and functionality, known and resolved issues, and product 
and web browser compatibility. They also contain detailed information on 
prerequisites, warnings, and specific installation and uninstallation instructions for 
the following appliances:
Series 2 and Series 3 managed devices (the 3D500, 3D1000, 3D2000, 
3D2100, 3D2500, 3D3500, 3D4500, 3D6500, 3D7010, 3D7020, 3D7030, 
3D7110, 3D7115, 3D7120, 3D7125, 3D8120, 3D8130, 3D8140, 3D8250, 
3D8260, 3D8270, 3D8290, 3D8350, 3D8360, 3D8370, 3D8390, and the 
AMP7150)
64-bit Sourcefire Software for X-Series
TIP!
For detailed information on the Sourcefire 3D System, refer to the online 
help or download the Sourcefire 3D System User Guide from the Support Site.
To update appliances running at least Version 5.3 of the Sourcefire 3D System to 
Version 5.3.0.5, see the procedures outlined in 
page 6.
For more information, see the following sections:

Summary of Contents of release notes for Cisco Cisco Firepower Management Center 4000

  • Page 1 SOURCEFIRE 3D SYSTEM RELEASE NOTES Version 5.3.0.5 Original Publication: June 8, 2015 Last Updated: April 25, 2016 These release...
  • Page 2: Updates to Sourcefire Documentation New and Updated Features and Functionality • Uninstalling the Update on page 13 • Resolved Issues on page 18...
  • Page 3: Before You Begin: Important Update and Compatibility Notes Before You Begin: Important Update and Compatibility Notes unchecking this box will disable inspection temporarily during policy apply and...
  • Page 4 Before You Begin: Important Update and Compatibility Notes Traffic Flow and Inspection During the Update The update process (and...
  • Page 5 Before You Begin: Important Update and Compatibility Notes Switching and Routing Managed devices do not perform switching, routing, NAT,...
  • Page 6: Updating Your Appliances Updating Your Appliances Web Browser Compatibility BROWSER REQUIRED ENABLED OPTIONS AND SETTINGS Chrome 42 JavaScript, cookies Firefox 38 JavaScript,...
  • Page 7 Updating Your Appliances Sourcefire 3D System Version Requirements To update to Version 5.3.0.5, an appliance must be running at...
  • Page 8 Updating Your Appliances If you encounter issues with the progress of your update, contact Support. Time and Disk Space...
  • Page 9 Updating Your Appliances system then applies the update to the primary device, which follows the same process. Installing the...
  • Page 10 Updating Your Appliances There are several additional post-update steps you should take to ensure that your deployment is performing...
  • Page 11 Updating Your Appliances information, see Traffic Flow and Inspection During the Update on page 4. WARNING! Before you update...
  • Page 12 Updating Your Appliances 3. Upload the update to the Defense Center by selecting System > Updates, then clicking Upload...
  • Page 13: Uninstalling the Update Uninstalling the Update Uninstalling the Update The following sections help you uninstall the Version 5.3.0.5 update from your appliances:...
  • Page 14 Uninstalling the Update Uninstalling the Update from Stacked Devices All devices in a stack must run the same version...
  • Page 15 Uninstalling the Update Uninstalling the Update from a Managed Device The following procedure explains how to use the local...
  • Page 16 Uninstalling the Update 5. Click the install icon next to the uninstaller that matches the update you want to...
  • Page 17 Uninstalling the Update To uninstall the update: 1. Read and understand Planning the Uninstallation on page 13. 2. Log...
  • Page 18: Resolved Issues Resolved Issues 4. At the prompt, type the following on a single line and press Enter: install_update.pl /var/sf/updates/Sourcefire_3D_XOS_Device_Patch_Uninstaller- 5.3.0.5-18.sh...
  • Page 19 Resolved Issues addressed in older versions, refer to the legacy caveat tracking system. Because you can update your appliances...
  • Page 20 Resolved Issues • Resolved an issue where, if you edited an access control policy and policy apply failed, the...
  • Page 21 Resolved Issues • Security Issue Addressed multiple vulnerability issues in cURL, Linux, MySQL, strongSwan, and Wireshark, including those described...
  • Page 22 Resolved Issues • Resolved an issue where, if you deleted a managed device from a Defense Center, then added...
  • Page 23 Resolved Issues • Resolved an issue where, in rare cases, if you added multiple passive interfaces to a security...
  • Page 24 Resolved Issues • Resolved a memory issue on managed devices where the system omitted data from Intrusion Event Performance...
  • Page 25 Resolved Issues • Security Issue Eliminated a CSRF vulnerability (CVE-2014-2028) in the User Management page that could allow an...
  • Page 26 Resolved Issues • Resolved an issue where the system incompletely terminated failed intrusion rule updates. (125368) • Resolved an...
  • Page 27 Resolved Issues • Resolved an issue where, in some cases, if you viewed reviewed intrusion events and drilled down...
  • Page 28: Known Issues Known Issues • Resolved an issue where, if you configured a custom table populated with data from the Correlation...
  • Page 29 Known Issues • In some cases, the system may log you out of the web interface after the session...
  • Page 30 Known Issues • If the system generates intrusion events with a Destination Port/ICMP Code of 0, the Top 10...
  • Page 31 Known Issues • If you generate a report containing connection event summary data based on a connection event table...
  • Page 32 Known Issues • In some cases, if you create a custom workflow based on the health events table, the...
  • Page 33 Known Issues • In rare cases, revising and reapplying an intrusion policy hundreds of times causes intrusion rule updates...
  • Page 34 Known Issues • If you disable Drop When Inline in your intrusion policy, inline normalization stops modifying packets seen...
  • Page 35 Known Issues • In some cases, the Password Lifetime column on the User Management page (Operations > User Management)...
  • Page 36 Known Issues • If you create a new report (Overview > Reporting > Report Templates) and attempt to Insert...
  • Page 37 Known Issues • In some cases, managed devices stop processing traffic when the Defense Center updates a large security...
  • Page 38: Features Introduced in Previous Versions Features Introduced in Previous Versions • In some cases, if you apply an access control rule referencing a network...
  • Page 39 Features Introduced in Previous Versions File capture is configured as part of a file policy and each file has...
  • Page 40 Features Introduced in Previous Versions Spero Engine LICENSE: Malware SUPPORTED DEVICES: Series 3, Virtual, X-Series SUPPORTED DEFENSE CENTERS: Any...
  • Page 41 Features Introduced in Previous Versions This feature introduced Sourcefire-provided Indications of Compromise (IOC) rules that allow you to control...
  • Page 42 Features Introduced in Previous Versions network. Create geolocation objects to save and organize custom groupings of countries. URL Filtering...
  • Page 43 Features Introduced in Previous Versions AMP8150, which is shipped with additional storage). Malware storage packs are also supported on...
  • Page 44 Features Introduced in Previous Versions • Sourcefire identifies traffic referred by a web server as the web application for...
  • Page 45: For Assistance For Assistance • The system includes file policy UUID metadata for type 502 intrusion events as of Version 5.3....
  • Page 46 For Assistance The copyright in the Documentation is owned by Cisco and is protected by copyright and other intellectual...
downloadlike
ArtboardArtboardArtboard
Report Bug