Cisco Cisco Firepower Management Center 2000 Notas de publicación
24
FireSIGHT System Release Notes
Version 5.3.1.5
Known Issues
•
Scheduling and running simultaneous system backup tasks negatively impacts system performance.
As a workaround, stagger your scheduled tasks so only one backup runs at a time.
(134575/CSCze89679)
As a workaround, stagger your scheduled tasks so only one backup runs at a time.
(134575/CSCze89679)
•
If you edit a previously configured LDAP connection where user and group access control
parameters are enabled, clicking
parameters are enabled, clicking
Fetch Groups
does not populate the Available Groups box. You must
re-enter your password when editing an LDAP connection in order to fetch available groups.
(134872/CSCze89834)
(134872/CSCze89834)
•
In some cases, if you enable
Resolve IP Addresses
in the
Event Preferences
section of the Event View
Settings page, hostnames associated with IPv6 addresses may not resolve as expected in the
dashboard or event views. (135182/CSCze90155)
dashboard or event views. (135182/CSCze90155)
•
Configuring a proxy server to authenticate with a Message Digest 5 (MD5) password encryption for
malware cloud lookups is not supported. (135279/CSCze89442)
malware cloud lookups is not supported. (135279/CSCze89442)
•
You cannot enter more than 450 characters in the
Base Filter
field when creating an LDAP
authentication object. (135314/CSCze89081)
•
In some cases, if you schedule a task while observing Daylight Saving Time (DST), the task does
not run during periods when you are not observing DST. As a workaround, select
not run during periods when you are not observing DST. As a workaround, select
Europe, London
as
your local time zone on the Time Zone Preference page (
Admin > User Preferences
) and recreate the
task during a period when you are not observing DST. (135480)
•
The system requires additional time to reboot appliances or ASA FirePOWER devices running
Version 5.3 or later due to a database check. If errors are found during the database check, the reboot
requires additional time to repair the database. (135564, 136439)
Version 5.3 or later due to a database check. If errors are found during the database check, the reboot
requires additional time to repair the database. (135564, 136439)
•
In some cases, the system may generate a false positive for the SSH preprocessor rule 128:1.
(135567/CSCze89434)
(135567/CSCze89434)
•
If you apply an intrusion policy containing a rule with the
Extract Original Client IP Address
HTTP
preprocessor option enabled, the system may populate intrusion events with incorrect data in the
Original Client IP
field if traffic passes through a dedicated proxy server. (135651/CSCze89056)
•
If you schedule a task with
Report
as the job type, the system does not attach the report to the emailed
status report. (136026/CSCze90265)
•
If you apply an access control policy to multiple devices, the Defense Center displays the task status
differently on the Task Status page, the Access Control policy page, and the Device Management
page of the web interface. The status on the Device Management page (
differently on the Task Status page, the Access Control policy page, and the Device Management
page of the web interface. The status on the Device Management page (
Devices > Device Management
)
is correct. (136364/CSCze87068, 136614/CSCze89936)
•
In some cases, if you create a custom workflow based on the health events table, the Defense Center
displays conflicting data in the event viewer. (136419/CSCze90336)
displays conflicting data in the event viewer. (136419/CSCze90336)
•
If you import a custom intrusion rule as an
.rtf
file, the system does not warn you that the
.rtf
file type is not supported. (136500/CSCze89991)
•
If you configure a Security Intelligence feed and specify a
Feed URL
that was created on a computer
running a Windows operating system, the system does not display the correct number of submitted
IP addresses in the tooltips on the Security Intelligence tab. As a workaround, use
IP addresses in the tooltips on the Security Intelligence tab. As a workaround, use
dos2unix
commands to convert the file from Windows encoding to Unix encoding and click
Update Feeds
on
the Security Intelligence page. (136557/CSCze89888)
•
If you disable a physical interface, the logical interfaces associated with it are disabled but remain
green on the Interfaces tab of the appliance editor for that managed device. (136560/CSCze89894)
green on the Interfaces tab of the appliance editor for that managed device. (136560/CSCze89894)
•
If you create a custom table based on the captured files table, the system generates an error message.
The system does not support creating a custom table based on the captured files table.
(136844/CSCze89977)
The system does not support creating a custom table based on the captured files table.
(136844/CSCze89977)