Cisco Cisco Firepower Management Center 4000
Version 5.2.0.2
Sourcefire 3D System Release Notes
27
Issues Resolved in Version 5.2.0.2
•
Resolved an issue where the system did not log correlation rules that
referenced user logins. (121129)
•
Resolved an issue where the system did not detect files transferred in HTTP
POST
requests. (121204)
•
Resolved an issue where, in some cases, intrusion email alerts did not
associate events with the correct managed device. (121278)
•
Resolved an issue where, in rare cases, very large troubleshooting files did
not download successfully. (121471)
•
Resolved an issue where, in some cases, adding an interface to a security
zone caused access control policy apply to fail. (121511)
•
Resolved an issue where, in some cases, eStreamer reported incorrect data
for intrusion event record type 207. (121555)
•
When viewing packet information for intrusion events, the timestamp now
reports the correct time in all cases. (121685)
•
Resolved an issue where, in some cases, the Intrusion Events by Impact
report template preset reported incorrect impact flag data. (121864)
•
When you view intrusion events with a search constraint of Source IP, this
constraint now appropriately changes to Sending IP if you navigate to the
Malware or Files tabs. (122034)
•
Resolved an issue where, in rare cases, devices failed to process packets
and log intrusion events. (122130)
•
Improved performance of the Context Explorer when handling large
datasets. (122276)
•
Resolved an issue where, in some cases, eStreamer logged packets before
their associated event records. (122365)
•
Resolved an issue where, in some cases, the system did not enable traffic
profiles with inactive periods. (122440)
•
Resolved an issue in network discovery policies where changes to user
protocol detection configuration did not take effect. (122763)
•
Improved the system's reporting of error messages generated by the
eStreamer client. (122859)
•
Resolved an issue with the eStreamer client where SHA-256 values were
incorrectly reported by the Defense Center. (122869)
•
Resolved an issue where users were not prompted to enable the TCP
stream preprocessor when saving an intrusion policy with the rate-based
attack prevention preprocessor enabled and the TCP stream preprocessor
disabled. (122905)
•
Resolved an issue where, in rare cases, intrusion rules that triggered on
pruned sessions applied the rule action to current sessions. (122990)