Cisco Cisco Firepower Management Center 2000 Notas de publicación
8
FireSIGHT System Release Notes
Documentation Updates
You can now view warnings associated with the individual rules of your access control policy via the Access Control Policy page
(Policies > Access Control). In the access control policy editor, view a warning by hovering your pointer over the alert icon next to
the rule name and reading the warning in the tooltip text, or by selecting the Show Warnings button at the top of the page to view the
warnings associated with all the rules referenced in your access control policy.
(Policies > Access Control). In the access control policy editor, view a warning by hovering your pointer over the alert icon next to
the rule name and reading the warning in the tooltip text, or by selecting the Show Warnings button at the top of the page to view the
warnings associated with all the rules referenced in your access control policy.
In Version 5.4, inline normalization is automatically enabled when you create a network analysis policy with Inline Mode enabled. In
previous versions, you had to manually enable inline normalization in your inline intrusion policies. Note that the update from Version
5.3.x to Version 5.4 does not change your inline normalization settings.
previous versions, you had to manually enable inline normalization in your inline intrusion policies. Note that the update from Version
5.3.x to Version 5.4 does not change your inline normalization settings.
You can now add access control rule port conditions that specify unassigned protocol numbers not included in the Protocol drop-down
list.
list.
You no longer need a secondary rule to control FTP Data Channel in your access control policy.
The new Decompress SWF File (LZMA), Decompress SWF File (Deflate), and Decompress PDF File (Default) HTTP Inspect
preprocessor options offer enhanced decompression support for PDF and SWF file content.
preprocessor options offer enhanced decompression support for PDF and SWF file content.
The TCP stream preprocessor now has enhanced protocol-awareness for SMTP, POP3, and IMAP.
The system now provides enhanced detection of information in application traffic, including detection of application data in DNS
traffic and detection of users in additional protocols.
traffic and detection of users in additional protocols.
You can now configure LDAP authentication to use Common Access Cards (CACs) to associate the card with a user name so a user
can log directly into the system using the card.
can log directly into the system using the card.
The system now offers enhanced GPRS Tunneling Protocol (GTP) support.
Documentation Updates
You can download all updated documentation from the Support site. In Version 5.4.0.9 and Version 5.4.1.8, the following documents were
updated to reflect the addition of new features and changed functionality and to address reported documentation issues:
updated to reflect the addition of new features and changed functionality and to address reported documentation issues:
FireSIGHT System Online Help
FireSIGHT System User Guide
The documentation updated for Version 5.4.0.9 and Version 5.4.1.8.contains the following errors:
The FireSIGHT System User Guide incorrectly states that Cisco does not recommend enabling more than one non-SFRP IP
address on a clustered Series 3 device’s routed or hybrid interface where one SFRP IP address is already configured. The
system does not perform NAT if clustered Series 3 devices experience failover while in standby mode. The system does perform
NAT if clustered Series 3 devices experience failover while in standby mode.
address on a clustered Series 3 device’s routed or hybrid interface where one SFRP IP address is already configured. The
system does not perform NAT if clustered Series 3 devices experience failover while in standby mode. The system does perform
NAT if clustered Series 3 devices experience failover while in standby mode.
The FireSIGHT System User Guide incorrectly states that you can use Lights-Out Management (LOM) on the default (eth0)
management interface on a Serial Over LAN (SOL) connection to remotely monitor or manage Series 3 appliances. Using the
same IP address for LOM and for a SOL connection to your Series 3 device is not currently supported.
management interface on a Serial Over LAN (SOL) connection to remotely monitor or manage Series 3 appliances. Using the
same IP address for LOM and for a SOL connection to your Series 3 device is not currently supported.
The FireSIGHT System Virtual Installation Guide incorrect states the following about logging in to a virtual device at the VMware
console using admin as the username and the new admin account password specified in the deployment setup wizard: If you did not
change the password using the wizard or you are deploying with a ESXi OVF template, use Cisco as the password. The
documentation should state that if you did not change the password using the wizard or you are deploying with an ESXi OVF template,
use Sourcefire as the password.
console using admin as the username and the new admin account password specified in the deployment setup wizard: If you did not
change the password using the wizard or you are deploying with a ESXi OVF template, use Cisco as the password. The
documentation should state that if you did not change the password using the wizard or you are deploying with an ESXi OVF template,
use Sourcefire as the password.
Before You Begin: Important Update and Compatibility Notes
Before you begin the update process for Version 5.4.0.9 and Version 5.4.1.8, you should familiarize yourself with the behavior of the system
during the update process, as well as with any compatibility issues or required pre- or post-update configuration changes.
during the update process, as well as with any compatibility issues or required pre- or post-update configuration changes.
Caution:
Cisco strongly recommends you perform the update in a maintenance window or at a time when the interruption will have the
least impact on your deployment.