Cisco Cisco Firepower Management Center 2000

If you apply an access control policy to multiple devices, the Defense Center displays the task status 
differently on the Task Status page, the Access Control policy page, and the Device Management 
page of the web interface. The status on the Device Management page (

) 

is correct. (136364/CSCze87068, 136614/CSCze89936)

In some cases, if you create a custom workflow based on the health events table, the Defense Center 
displays conflicting data in the event viewer. (136419/CSCze90336)

If you import a custom intrusion rule as an 

.rtf 

file, the system does not warn you that the 

.rtf

 

file type is not supported. (136500/CSCze89991)

If you configure a Security Intelligence feed and specify a 

 that was created on a computer 

running a Windows operating system, the system does not display the correct number of submitted 
IP addresses in the tooltips on the Security Intelligence tab. As a workaround, use 

dos2unix

 

commands to convert the file from Windows encoding to Unix encoding and click 

 on 

the Security Intelligence page. (136557/CSCze89888)

If you disable a physical interface, the logical interfaces associated with it are disabled but remain 
green on the Interfaces tab of the appliance editor for that managed device. (136560/CSCze89894)

If you create a custom table based on the captured files table, the system generates an error message. 
The system does not support creating a custom table based on the captured files table. 
(136844/CSCze89977)

If you register a managed device with a hostname containing more than 40 characters, device 
registration fails. (137235/CSCze90144)

In some cases, the system does not filter objects in the Object Manager as expected if you include 
any of the following special characters in the filter criteria: dollar sign (

$

), caret (

), asterisk (

*

), 

brackets (

[ ]

), vertical bar (

|

), forward slash (

\

), period (

.

), and question mark (

?

). 

(137493/CSCze90413)

In some cases, if you enabled Simple Network Management Protocol (SNMP) polling in your 
system policy, modifying the high availability (HA) link interface configuration on one of your 
clustered managed devices causes the system to generate inaccurate SNMP polling requests. 
(137546/CSCze90000)

In some cases, configuring your access control policy to log blacklisted connections to the syslog or 
SNMP trap server causes system issues. (137952)

In some cases, the Operating System Summary workflow displays incorrect DNS server counts, 
NTP server counts, and DNS port counts if the system receives DNS or NTP packets out of order. 
(138047/CSCze90930)

The table view of file events appears to support viewing the file trajectory for ineligible file events. 
You can only view file trajectories for files with a calculated SHA-256 value. (138155/CSCze90676)

If you generate a report in HTML or PDF format that includes a chart with 

 as the x-axis, 

the system does not display UTF-8 characters in the x-axis filenames. (138297/CSCze90799)

In rare cases, if you have ever used your Defense Center to manage more than one device, the system 
displays inaccurate intrusion event counts in the dashboard. (138298)

In rare cases, editing and reapplying an intrusion policy hundreds of times causes intrusion rule 
updates and system updates to require over 24 hours to complete. (138333/CSCze90747)

If the latest version of the geolocation database (GeoDB) is installed on your Defense Center and 
you attempt to update the GeoDB with the same version, the system generates an error message. 
(138348/CSCze90813)

Connection events logged to the syslog or SNMP trap server may have incorrect 

 

values. (138504/CSCze91066, 139466/CSCze91510)