Cisco Cisco Firepower Management Center 4000 Release Notes
Version 5.3.0.5
Sourcefire 3D System Release Notes
36
Known Issues
•
If you create a new report (Overview > Reporting > Report Templates) and
attempt to Insert Report Parameter while viewing the web interface with
Internet Explorer 11, no report parameters are added to the report section
description. As a workaround, install and use Internet Explorer 10.
(142950/CSCze94011)
•
The Sourcefire 3D System User Guide does not reflect that if your Defense
Center loses connectivity to the Internet, the system may take up to 30
minutes to generate an Advanced Malware Protection health alert.
(143070/CSCze94138)
•
In some cases, if your Defense Center and managed devices experience
high volumes of traffic, the system generates incorrect CPU health alerts.
(143986/CSCze95067)
•
In some cases, if you edit the security zone of an interface on the Objects
Management page (Objects > Object Management) of a stacked device, the
system doesn’t allow you to apply the device configuration changes to the
stack. As a workaround, modify the security zone from the Device
Management page (Devices > Device Management) and apply the device
configuration changes to the stack. (144626/CSCze94847)
•
In some cases, if you enable remote storage and create a scheduled email
alert response on your Defense Center, the scheduled email alert may
disable remote storage and remote storage backups may fail. As a
workaround, create local backups and manually place the backups into
remote storage. (145288/CSCze95993)
•
If you cluster Series 3 devices and configure the shared Sourcefire
Resolution Protocol (SFRP) configuration so the primary device is
configured as the backup SFRP with a non-SFRP IP address and the
secondary device is configured as the active SFRP with a SFRP IP address,
both devices attempt to respond to Address Resolution Protocol (ARP)
requests for incoming addresses that matches rules in the applied network
analysis policy and experience a disruption in traffic. As a workaround,
analysis policy and experience a disruption in traffic. As a workaround,
ensure the primary device of a cluster is configured as an active SFRP with
an SFRP IP address. (CSCur55568)
•
In some cases, if you create correlation rule configured to trigger from the
type an intrusion event occurs or a connection event occurs and select ingress
security zone, egress security zone, ingress interface, or egress interface as the
condition, the system does recognize the rule and does not trigger traffic
matching the rule. (CSCur59840)
•
In some cases, Lights Out Management (LOM) appears to be disabled on
the LOM page (System > Local > Configuration > Console Configuration >
Lights Out Management) even if it is not. If you are unsure what the LOM
status is, use the
ipmitool
command in expert shell mode to enable or
disable LOM. (CSCus10996)