Cisco Cisco Firepower Management Center 4000
Version 5.2.0.6
Sourcefire 3D System Release Notes
30
Issues Resolved in Version 5.2.0.6
•
Resolved an issue with high availability configurations where you could not
change the secondary Defense Center to the primary role if the original
primary Defense Center was offline. (120327)
•
Improved logging of Security Intelligence decisions to the syslog. (120564,
120565, 121050)
•
Resolved an issue where, in some cases, URL filtering database updates
were not synchronized from the Defense Center to managed devices.
(120572)
•
Resolved an issue where access control policy apply failed when the default
action was Block All Traffic and the HOME_NET variable was
any
. Because
this combination is invalid, the system now warns you if you attempt to
configure it. (120578)
•
Resolved an issue where fragmented IP traffic that would normally match a
Trust access control rule and pass without further inspection was instead
evaluated by the intrusion policy associated with the default action.
(120734)
•
Resolved an issue where, in some cases, changing the dashboard widget
time range caused the widget to display incorrect event statistics. (121009)
•
Resolved an issue where the system did not log correlation rules that
referenced user logins. (121129)
•
Resolved an issue where the system did not detect files transferred in HTTP
POST
requests. (121204)
•
Resolved an issue where, in some cases, intrusion email alerts did not
associate events with the correct managed device. (121278)
•
Resolved an issue where, in rare cases, very large troubleshooting files did
not download successfully. (121471)
•
Resolved an issue where, in some cases, adding an interface to a security
zone caused access control policy apply to fail. (121511)
•
Resolved an issue where, in some cases, eStreamer reported incorrect data
for intrusion event record type 207. (121555)
•
When viewing packet information for intrusion events, the timestamp now
reports the correct time in all cases. (121685)
•
Resolved an issue where, in some cases, the Intrusion Events by Impact
report template preset reported incorrect impact flag data. (121864)
•
When you view intrusion events with a search constraint of Source IP, this
constraint now appropriately changes to Sending IP if you navigate to the
Malware or Files tabs. (122034)
•
Resolved an issue where, in rare cases, devices failed to process packets
and log intrusion events. (122130)
•
Improved performance of the Context Explorer when handling large
datasets. (122276)