Cisco Cisco FirePOWER Appliance 8390 Notas de publicación
Version 5.3.0.2
Sourcefire 3D System Release Notes
43
For Assistance
•
As of Version 5.3 you can identify unique Initiator and Responder IP
addresses when creating IPv6 fast-path rules on Series 3 managed devices.
Before Version 5.3, the fields were fixed and set to Any.
•
For fresh installations of Version 5.3 on Series 3 managed devices, the
Automatic Application Bypass (AAB) feature is enabled by default. If you
update from a previous version of the Sourcefire 3D System, your AAB
settings are not affected. Note that AAB activates only when a preset
amount of time is spent processing a single packet. If AAB engages, the
system kills the affected Snort processes.
•
During the update to Version 5.3, the system now stores your currently
applied access control policy and up to 10 saved but unapplied revisions to
the access control policy, retaining your changes.
•
If you schedule multiple report generation tasks at the same time, the
system queues the tasks. You can view them on the Task Status page
(System > Monitoring > Task Status).
•
You cannot name security zone objects using the pound sign (#).
•
As of Version 5.3 you can use -1 as the minimum value in intrusion rule
icode
argument ranges. Selecting -1 as the minimum value allows you to
include the ICMP code 0 in the range.
•
Added a new SMTP preprocessor alert to detect attacks against Cyrus SASL
authentication.
•
The system includes file policy UUID metadata for type 502 intrusion events
as of Version 5.3.
•
The file disposition Neutral is now Unknown. Files with an Unknown
disposition indicate that a malware cloud lookup occurred before the cloud
assigned a disposition.
•
Added several new Snort decoder rules to identify packets containing
malformed authentication headers.
•
You can no longer configure custom analysis dashboard widgets based on
the Ingress Interface, Ingress Security Zone, Egress Interface, or Egress Security
Zone fields of the connection summary table.
•
As of Version 5.3 the system alerts you if you attempt to install a version of
the Sourcefire Geolocation Database (GeoDB) already installed on your
system.
•
As of Version 5.3 you can create correlation rules with Application Protocol
Category, Client Category, and Web Application Category conditions.
For Assistance
If you are a new customer, thank you for choosing Sourcefire. Please visit
to download the Sourcefire Support Welcome Kit,
a document to help you get started with Sourcefire Support and set up your
Customer Center account.