Cisco Cisco FirePOWER Appliance 8130 Notas de publicación
Version 5.3.0.2
Sourcefire 3D System Release Notes
36
Features Introduced in Previous Versions
•
If you disable Drop When Inline in your intrusion policy, inline normalization
stops modifying packets seen in traffic and the system does not indicate
what traffic would be modified. In some cases, other devices or applications
on your network may not function in the same way after you re-enable Drop
When Inline. (139174, 139177)
•
Security Issue
Sourcefire is aware of a vulnerability inherent in the Intelligent
Platform Management Interface (IPMI) standard (CVE-2013-4786). Enabling
Lights-Out Management (LOM) on an appliance exposes this vulnerability.
To prevent exposure to the vulnerability, do not enable LOM. To mitigate the
vulnerability, deploy your appliances on a secure management network
accessible only to trusted users and use a complex, non-dictionary-based
password. If you enable LOM and expose this vulnerability, change the
complex password every three months. For LOM password requirements,
see the Sourcefire 3D System User Guide. (139286, 140954)
•
In rare cases, the Task Status page (System > Monitoring > Task Status)
incorrectly reports that a failed system policy apply succeeded. (139428)
•
If you configure and save three or more intrusion policies that reference
each other through their base policies, the system does not update the Last
Modified dates for all policies on the Intrusion Policy page (Policies > Intrusion
> Intrusion Policy). As a workaround, wait 5-10 minutes and refresh the
Intrusion Policy page. (139647)
•
In some cases, if you configure and save a report with a time window that
includes the transition day from observing Daylight Saving Time (DST) to not
observing DST, the system adjusts the time window to begin an hour earlier
than you specified. As a workaround, set the time window to begin one
hour later. (139713)
•
If you remove an IP address from the global whitelist via the Object
Manager page of the Defense Center web interface, the command line
interface (CLI) on your Defense Center does not reflect the change.
(139784)
(139784)
Features Introduced in Previous Versions
Functionality described in previous versions may be superseded by other new
functionality or updated through resolved issues.
5.3.0.x
The following features and functionality were introduced in Version 5.3.0.x:
•
As of Version 5.3.0.1, LDAP usernames are not case-sensitive. In Version
5.3, usernames were case-sensitive.
•
As of Version 5.3.0.1, you can no longer perform joins using the
application_tag_id
field in the
application_host_map
table when
querying the external database.