Cisco Cisco Firepower Management Center 4000 Notas de publicación
Version 5.2.0.8
Sourcefire 3D System Release Notes
31
Known Issues
•
If you attempt to break a stack that was registered using DNS during a
period when DNS is disabled, you will experience system issues. Do not
attempt this. (122709)
•
In some cases, intrusion event counts in the dashboard may not match the
counts in the event viewer. (122743, 123040, 122936)
•
When creating stacks of devices from different device groups, the
secondary device in the stack both retains membership in its original group
and becomes associated with the stack’s primary group. The user interface
does not alert the user to this behavior. (122802)
•
In some cases, your network discovery policy may not function as expected
if you apply two or more network discovery rules that apply to the same
zones and networks but are configured to discover different hosts, users,
and applications. (122853)
•
In rare cases, the system may require up to 3 hours to complete an update
or uninstall to Version 5.2 of the Sourcefire 3D System on a 3D7110 or
3D7120 managed device. Do not interrupt the update; allow the
post-update reboot to finish completely. (124148)
•
If a device group contains an inactive managed device, you may be unable
to edit the device group. (124286)
•
In some cases, if you begin installing an intrusion rule update during a
system update, the intrusion rule update fails. To avoid this, do not attempt
to install an intrusion rule update during system update. (124290)
•
You can not use IPv6 addresses to configure connections to Sourcefire User
Agents (Policies > Users). As a workaround, configure the connection using
the associated IPv4 addresses instead. (124377)
•
In some cases, the system may trigger false positive events on the SMTP
preprocessor rule124:10. (125449)
•
In rare cases, the system does not terminate a rule update installation if the
installation fails in an early stage. If this occurs, you should attempt a rule
update reinstallation and contact Support if the issue persists. (125368)
•
In some cases, enabling sensitive data detection in your intrusion policy
may not generate events for all packets containing sensitive data. (125588)
•
If you create a custom analysis dashboard widget based on a saved
connection event search that uses data in fields without an asterisk (
*
), the
widget displays incorrect data. Only the fields that constrain connection
summaries can constrain custom analysis dashboard widgets based on
connection events. (127324, 127327)
•
If you apply a VPN deployment on a stack, cluster, or clustered stack and
then unregister the stack, cluster, or clustered stack from its managing
Defense Center, the VPN deployment remains active on the stack, cluster,
or clustered stack when you register the appliances to another Defense