Cisco Cisco Firepower Management Center 2000 Notas de publicación
23
FireSIGHT System Release Notes
Resolved Issues
Resolved an issue where creating a search for an intrusion event with an original client IP using a negated subnet IP address caused
the system to incorrectly exclude intrusion events with no original client IP. (CSCuu68438)
the system to incorrectly exclude intrusion events with no original client IP. (CSCuu68438)
Resolved an issue where you could not manually set the time zone on an ASA FirePOWER module managed by ASDM.
(CSCuu70250)
(CSCuu70250)
Resolved an issue where internal CA certificates generated on the Object Management page (Objects > Object Management > PKI)
remained valid for 30 days when they should be valid for ten years. (CSCuv29004)
remained valid for 30 days when they should be valid for ten years. (CSCuv29004)
Resolved an issue where, if you deployed an SSL policy and enabled SSL decryption, the system experienced a disruption in traffic
after a few hours of decrypting SSL traffic. (CSCux75036)
after a few hours of decrypting SSL traffic. (CSCux75036)
Resolved an issue where, if you attempted to update the system with less than the required amount of free space, the update failed and
the system incorrectly appeared to have a negative amount of space available. (CSCuv43019)
the system incorrectly appeared to have a negative amount of space available. (CSCuv43019)
Improved Simple Mail Transfer Protocol (SMTP) traffic detection. (CSCuy44141)
Resolved an issue where, if you suppressed a rule in an intrusion policy with the Suppression Type set to either Source or Destination
IP address with a custom variable, then deleted the custom variable and applied policy, policy apply failed the system did not indicate
why. (CSCuv44581)
IP address with a custom variable, then deleted the custom variable and applied policy, policy apply failed the system did not indicate
why. (CSCuv44581)
You can now execute the Show user CLI command on ASA FirePOWER modules. (CSCuv45343)
Resolved an issue where selecting network file system 4(NFS4) storage as a remote storage type from the Storage Type drop-down
menu on the Remote Storage device tab of the Local Configuration page (System > Local > Configuration) erroneously generated an
error. (CSCuv50519)
menu on the Remote Storage device tab of the Local Configuration page (System > Local > Configuration) erroneously generated an
error. (CSCuv50519)
Optimized firewall rules count limit. (CSCuv86743)
Resolved an issue where the 7000 Series or 8000 Series devices may have changed the outermost Ether type for IEEE 802.1Q VLAN
traffic they inspected from 88a8 to 8100, which prevented endpoints from receiving those frames. (CSCuw57916)
traffic they inspected from 88a8 to 8100, which prevented endpoints from receiving those frames. (CSCuw57916)
Resolved an issue where, if you removed a DNS entry from a management interface and saved the configuration without replacing or
adding another DNS entry, then attempted to login to web interface, the web page generated a blank login screen. (CSCuw68408)
adding another DNS entry, then attempted to login to web interface, the web page generated a blank login screen. (CSCuw68408)
Resolved an issue where health events caused excessive logging and the system experienced disk space issues. (CSCuw84304)
Resolved an issue where if you created a logical interface that referenced a link aggregated group (LAG) to a Series 3 device and added,
removed, or replaced the existing NetMod on the device, the system did not recognize any referenced objects. (CSCux03639)
removed, or replaced the existing NetMod on the device, the system did not recognize any referenced objects. (CSCux03639)
Resolved an issue where the Defense Center’s health monitor generated extraneous Warning (yellow) and Critical (red) health alerts
when there were no alerts. (CSCux04564)
when there were no alerts. (CSCux04564)
Resolved an issue where, if you enabled Automatic Rule Update on a Defense Center pair and installed a rule update, then applied
policies, the Defense Centerincorrectly displayed the access control policy as out-of-date when it was not. (CSCux21111)
policies, the Defense Centerincorrectly displayed the access control policy as out-of-date when it was not. (CSCux21111)
Resolved an issue where disabling interface eth0 caused system issues. (CSCux22564, CSCux35301)
Resolved an issue where, if you edited a registered device's name to include a character larger than 8-bit and configured passive mode
interfaces, then enabled Inline Normalization and applied the access control policy, the system did not generate the policy deploy
dialog. (CSCux23227)
interfaces, then enabled Inline Normalization and applied the access control policy, the system did not generate the policy deploy
dialog. (CSCux23227)
Resolved an issue where, if you update a system running Version 5.4 to Version 5.4.1 or later with STIG mode enabled, update failed.
(CSCux23487)
(CSCux23487)
Resolved an issue where, if you logged into the FirePOWER system and deleted an In queue or a Report Generation Failed report
from the reports tab of the Reporting page (Overview > Reporting) as a user other than the user who created the report, the system
did not delete the report when it should have. (CSCux27304)
from the reports tab of the Reporting page (Overview > Reporting) as a user other than the user who created the report, the system
did not delete the report when it should have. (CSCux27304)
Improved HTTP traffic processing and reduced the chance of dropped packets when processing large HTTP POST events.
(CSCux30861)
(CSCux30861)