Cisco Cisco FirePOWER Appliance 7030 Notas de publicación
Version 5.2.0.9
Sourcefire 3D System Release Notes
25
Known Issues
Known Issues
The following new known issues are reported in Version 5.2.0.9:
•
In some cases, if you attempt to import a policy referenced by another
policy as a shared layer or as a base policy, importing the policy may fail.
(144946/CSCze96151)
•
In some cases, managed devices stop processing traffic when the Defense
Center updates a large Security Intelligence Feed referenced in an access
control policy during a policy apply. As a workaround, reapply the policies
containing Security Intelligence Feeds. (CSCus19921)
•
In some cases, if your system includes an SSL Visibility Appliance (SSLVA)
or a Cisco SSL appliance and you create a file policy containing a Web
Application category condition and a Block Malware rule, your first attempt
to download a file identified as malware over HTTPS may fail. As a
workaround, disable the file policy. (CSCus72505)
Known Issues Reported in Previous Releases
The following is a list of known issues that were discovered in previous releases
of the Sourcefire 3D System:
•
You must use the Defense Center’s web interface to unregister a managed
device. If you unregister a device using either the device’s web interface or
its command line interface (CLI), it is not removed from the Defense Center.
(112659)
•
The system will generate a health alert if the Defense Center is unable to
connect to the Sourcefire cloud. To troubleshoot, ensure the connection
from the Defense Center to the Sourcefire cloud (
54.243.248.19
and
54.243.248.162
) on port 32137 is working properly. (112708)
•
If multiple files are attached to a single email, the system may incorrectly
identify files after the first. (114523)
•
If you attempt to create multiple static NAT rules with the same original
values, the system may experience issues with traffic mapping. (116148)
•
In some cases, the Defense Center may show a cluster in a degraded state
when it has already recovered, generating extraneous system alerts.
(118122)
•
When Lights-Out Management is enabled, the system also enables a web
server in the background. The web server does not drain system resources
and has no known exploits. (119456)