Cisco Cisco Firepower Management Center 2000 Notas de publicación
7
FireSIGHT System Release Notes
New Features and Functionality
You can now create an access control policy that references either an access control rule network condition set to
block all IPv6 addresses with ::/0 or a network rule set to block all IPv4 addresses with 0.0.0.0/0 is now supported.
block all IPv6 addresses with ::/0 or a network rule set to block all IPv4 addresses with 0.0.0.0/0 is now supported.
The system now reports an event for all CPU reports when CPU usage changes from a high level to a normal state.
The following functionality was introduce in Version 5.4.1.1:
The system now clears all intrusion policy locks when you upload intrusion rules or install intrusion rule updates.
The following functionality was introduced in Version 5.4.1:
Registered ASA devices now have configurable advanced options on the Advanced tab of the Device Management
page (Devices > Device Management).
page (Devices > Device Management).
The show users CLI command is now supported on ASA devices.
You can configure alerts only for retrospective events or network-based malware events from the Advanced Malware
Protections Alerts tab on the Alerts page.
Protections Alerts tab on the Alerts page.
The following features and functionality were updated in Version 5.4:
You can now view VLAN tags for connection events in the event viewer (Analysis > Connections > Events).
The system now identifies login attempts over the FTP, HTTP, and MDNS protocols.
You can now select archived connection events separately from discovery events for transmission to the eStreamer
client.
client.
The Discovery Event Health Monitor is no longer available in health policies.
Expand Packet View, previously available in Version 4.10.x, is now a configurable option in Version 5.4 via the Event
View Settings tab (Admin > User Preferences > Event View Settings).
View Settings tab (Admin > User Preferences > Event View Settings).
Importing a custom intrusion rule as an .rtf file now generates an Invalid Rules File 'rtf_rule.rtf': Must be a plain text
file that is ASCII or UTF-8 encoded warning.
file that is ASCII or UTF-8 encoded warning.
You can now generate the following intrusion event performance graphs via the Intrusion Event Graphs page
(Overview > Summary > Intrusion Event Graphs):
(Overview > Summary > Intrusion Event Graphs):
—
ECN Flags Normalized in TCP Traffic/Packet
—
ECN Flags Normalized in TCP Traffic/Session
—
ICMPv4 Echo Normalizations
—
ICMPv6 Echo Normalizations
—
IPv4 DF Flag Normalizations
—
IPv4 Options Normalizations
—
IPv4 Reserved Flag Normalizations
—
IPv4 Resize Normalizations
—
IPv4 TOS Normalizations
—
IPv4 TTL Normalizations
—
IPv6 TTL Normalizations
—
IPv6 Options Normalizations