Cisco Cisco Firepower Management Center 2000 Notas de publicación
23
FireSIGHT System Release Notes
Version 5.3.1.6
Known Issues
•
Resolved an issue where the system did not prevent you from creating a network variable with an
excluded network value that excluded all (any) networks. (139510/CSCze91770)
excluded network value that excluded all (any) networks. (139510/CSCze91770)
Known Issues
The following known issues are reported in Version 5.3.1.6:
•
In some cases, if you log into your system as the admin user and edit the base layer of your applied
intrusion policy, the system marks the base policy (as well as child policy if configured) updated by
intrusion policy, the system marks the base policy (as well as child policy if configured) updated by
admin
when it should not. (CSCur79437)
•
In some cases, if you change the selected time zone in the Time Zone Preference tab on the User
Preferences page (
Preferences page (
Admin > User Preferences > Time Zone Preference
), the system does not calculate
daylight savings time for you selected time zone and may display the wrong time. (CSCur92028)
•
(CSCus45769)
•
In some cases, if you disable an access control rule referencing an intrusion policy, the Access
Control Policy page (
Control Policy page (
Policies > Access Control
) incorrectly displays the intrusion policy as out-of-date
after the access control policy is successfully reapplied. The Intrusion Policy page (
Policies >
Intrusion > Intrusion Policy
) displays the correct policy status. (CSCuu15483)
•
In some cases, if you create a file policy and a NAT policy and enable TCP stream preprocessor rules
with an HTTP port number that is not an available port from the network access policy's HTTP
preprocessor configuration page, the system does not detect malware in traffic that matches the file
policy and downloads malware content when it should not. (CSCuu24472)
with an HTTP port number that is not an available port from the network access policy's HTTP
preprocessor configuration page, the system does not detect malware in traffic that matches the file
policy and downloads malware content when it should not. (CSCuu24472)
•
In some cases, if you configure a system policy to use remote NTP server to synchronize time to a
system with a registered ASA 5500-X device, a Series 2 device, or a Series 3 device running a
version older than Version 5.4 and you experience a leap second, your system may use a high amount
of CPU. (CSCuv11738)
system with a registered ASA 5500-X device, a Series 2 device, or a Series 3 device running a
version older than Version 5.4 and you experience a leap second, your system may use a high amount
of CPU. (CSCuv11738)
The following known issues were reported in previous releases:
•
In some cases, applying changes to your access control policy, intrusion policy, network discovery
policy, or device configuration, or installing an intrusion rule update or update of the vulnerability
database (VDB) causes the system to experience a disruption in traffic that uses Link Aggregation
Control Protocol (LACP) in fast mode. As a workaround, configure LACP links in slow mode.
(112070/CSCze87966)
policy, or device configuration, or installing an intrusion rule update or update of the vulnerability
database (VDB) causes the system to experience a disruption in traffic that uses Link Aggregation
Control Protocol (LACP) in fast mode. As a workaround, configure LACP links in slow mode.
(112070/CSCze87966)
•
If the system generates intrusion events with a
Destination Port/ICMP Code
of
0
, the Top 10 Destination
Ports section of the Intrusion Event Statistics page (
Overview > Summary > Intrusion Event Statistics
)
omits port numbers from the display. (125581/CSCze88014)
•
Defense Center local configurations (
System > Local > Configuration
) are not synchronized between
high availability peers. You must edit and apply the changes on all Defense Centers, not just the
primary. (130612/CSCze89250, 130652)
primary. (130612/CSCze89250, 130652)
•
In some cases, large system backups may fail if disk space usage exceeds the disk space threshold
before the system begins pruning. (132501/CSCze88368)
before the system begins pruning. (132501/CSCze88368)
•
In some cases, using the RunQuery tool to execute a
SHOW TABLES
command may cause the query to
fail. To avoid query failure, only run this query interactively using the RunQuery application.
(132685/CSCze89153)
(132685/CSCze89153)
•
If you delete a previously imported local intrusion rule, you cannot re-import the deleted rule.
(132865/CSCze88250)
(132865/CSCze88250)