Cisco Cisco Catalyst 6500 Cisco 7600 Router Traffic Anomaly Detector Module Notas de publicación
9
Release Note for the Cisco Traffic Anomaly Detector Module
OL-11859-02
Software Version 6.0(10) Open and Resolved Caveats
Software Version 6.0(10) Open and Resolved Caveats
The following sections contain the open and resolved caveats in software version 6.0(10):
•
•
Software Version 6.0(10) Open Caveats
The following caveats are open in software version 6.0(10):
•
CSCsb05557—Remote activation and synchronization processes from a Detector module to a
Guard do not function when the Detector module is located behind a device that is performing
Network Address Translation (NAT). Workaround: Reconfigure the network configuration to
disable NAT.
Guard do not function when the Detector module is located behind a device that is performing
Network Address Translation (NAT). Workaround: Reconfigure the network configuration to
disable NAT.
•
CSCsb20206—The Web-Based Manager (WBM) remains unresponsive while the pop up window
waits for results from the signature generation process. Even if you close the pop up window
manually, the WBM remains unresponsive while signature generation is in progress. Workaround:
Wait until the pop up window receives a result, or issue the no service wbm CLI command in
configuration mode.
waits for results from the signature generation process. Even if you close the pop up window
manually, the WBM remains unresponsive while signature generation is in progress. Workaround:
Wait until the pop up window receives a result, or issue the no service wbm CLI command in
configuration mode.
•
CSCsb29083—You cannot assign an identical name to manual packet dumps that you create in
different zones. Workaround: Assign unique names to manual packet dumps.
different zones. Workaround: Assign unique names to manual packet dumps.
•
CSCsc05116—The Detector module may stop functioning or start logging errors after reaching
100% anomaly detection engine memory utilization. Workaround: Use the show resources
command in global mode to view the amount of anomaly detection engine memory currently being
used by the Detector module. Reducing the number of active zones may free up memory.
100% anomaly detection engine memory utilization. Workaround: Use the show resources
command in global mode to view the amount of anomaly detection engine memory currently being
used by the Detector module. Reducing the number of active zones may free up memory.
•
CSCsc69508—After importing an HTML file to serve as login banner, some SSH clients may not
be able to connect to the product.
be able to connect to the product.
•
CSCsd71002—Under certain conditions, the Detector module does not create and activate all child
zones under attack. This behavior occurs when the zone is defined on the Detector module with
dst-ip-by-name activation method and an attack occurs on several IP addresses from the zone range.
If global policies are only active (not dst_ip policy), only the first recognized IP address is protected
successfully. Workaround: Make sure the dst_ip policies are active on the zone.
zones under attack. This behavior occurs when the zone is defined on the Detector module with
dst-ip-by-name activation method and an attack occurs on several IP addresses from the zone range.
If global policies are only active (not dst_ip policy), only the first recognized IP address is protected
successfully. Workaround: Make sure the dst_ip policies are active on the zone.
•
CSCse08139—The CLI session terminates when you press Ctrl-Z several times after issuing the
more 0 command.
more 0 command.
•
CSCse27876—When you press Ctrl-C during the import of a new software version or configuration,
you interrupt the import process and the CLI session may get disconnected. Workaround: Do not
press Ctrl-C during the import process.
you interrupt the import process and the CLI session may get disconnected. Workaround: Do not
press Ctrl-C during the import process.
•
CSCse31042—A zone configuration with ip_scan or port_scan policies cannot be imported into the
Detector module. Workaround: None.
Detector module. Workaround: None.
•
CSCsg42338—The Detector module CPU usage may reach 100%. Workaround: Reboot the
Detector module.
Detector module.
•
CSCsi57942—After upgrading the Detector module software to version 6.0 or 6.0-XG, SSH and
WBM connectivity to the module may be lost. Workaround: Log in to the Detector module through
the Catalyst 6500 series switch or 7600 series router and re-enter the routing configuration.
WBM connectivity to the module may be lost. Workaround: Log in to the Detector module through
the Catalyst 6500 series switch or 7600 series router and re-enter the routing configuration.
•
CSCsj27292—The Detector module does not count bypass filters correctly, which may cause the
watchdog to reload the Detector module. Workaround: Remove all bypass filters that are not needed.
watchdog to reload the Detector module. Workaround: Remove all bypass filters that are not needed.