Cisco Cisco Firepower Management Center 4000 Notas de publicación
Version 5.2.0.3
Sourcefire 3D System Release Notes
32
Known Issues
•
In some cases, the Defense Center may show a cluster in a degraded state
when it has already recovered, generating extraneous system alerts.
(118122)
•
When Lights-Out Management is enabled, the system also enables a web
server in the background. The web server does not drain system resources
and has no known exploits. (119456)
•
Sourcefire documentation currently does not reflect that, on a Series 3
device, TCP connections matching a Trust access control rule on the first
packet generate different events depending on the presence of a Monitor
rule. If an active Monitor rule is present, the system generates both a
beginning and end-of-connection event, as expected. If no monitor rule is
active, the system does not generate a beginning-of-connection event.
(121060)
•
Do not name security zone objects using the pound sign (
#
); it may cause
errors during device reconfiguration. (121514)
•
If you attempt to break a stack that was registered using DNS during a
period when DNS is disabled, you will experience system issues. Do not
attempt this. (122709)
•
In some cases, intrusion event counts in the dashboard may not match the
counts in the event viewer. (122743, 123040, 122936)
•
When creating stacks of devices from different device groups, the
secondary device in the stack both retains membership in its original group
and becomes associated with the stack’s primary group. The user interface
does not alert the user to this behavior. (122802)
•
In some cases, your network discovery policy may not function as expected
if you apply two or more network discovery rules that apply to the same
zones and networks but are configured to discover different hosts, users,
and applications. (122853)
•
In rare cases, the system may require up to 3 hours to complete an update
to Version 5.2 of the Sourcefire 3D System on a 3D7110 or 3D7120
managed device. Do not interrupt the update; allow the post-update reboot
to finish completely. (124148)
•
If a device group contains an inactive managed device, you may be unable
to edit the device group. (124286)
•
In some cases, if you begin installing an intrusion rule update during a
system update, the intrusion rule update fails. To avoid this, do not attempt
to install an intrusion rule update during system update. (124290)
•
You can not use IPv6 addresses to configure connections to Sourcefire User
Agents (Policies > Users). As a workaround, configure the connection using
the associated IPv4 addresses instead. (124377)
•
In some cases, the system may trigger false positive events on the SMTP
preprocessor rule124:10. (125449)