Cisco Cisco FirePOWER Appliance 7020
Version 5.3.0.3
Sourcefire 3D System Release Notes
4
Before You Begin: Important Update and Compatibility Notes
regardless of how you configured any inline sets, switching, routing, NAT, and
VPN are not performed during the update process.
.
Switching and Routing
Managed devices do not perform switching, routing, NAT, VPN, or related
functions during the update. If you configured your devices to perform only
switching and routing, network traffic is blocked throughout the update.
Product Compatibility
You must use at least Version 5.3 of the Defense Center to manage devices
running Version 5.3.0.3.
Defense Centers running Version 5.3.0.3 can manage physical devices and virtual
Defense Centers running Version 5.3.0.3 can manage physical devices and virtual
devices running Version 5.2.0.4 or greater and Sourcefire Software for X-Series
running Version 5.3 or greater.
Web Browser Compatibility
Version 5.3.0.3 of the web interface for the Sourcefire 3D System has been
tested on the browsers listed in the following table.
IMPORTANT!
If you use the Microsoft Internet Explorer 11 browser, you
must disable the Including local directory path when uploading files to server
option in your Internet Explorer settings via Tools > Internet Options > Security >
Custom level.
Network Traffic Interruption
D
EPLOYMENT
N
ETWORK
T
RAFFIC
I
NTERRUPTED
?
Inline with
configurable bypass
(Configurable bypass
(Configurable bypass
option enabled for
inline sets)
Network traffic is interrupted at two points during the update:
• At the beginning of the update process, traffic is briefly interrupted while
• At the beginning of the update process, traffic is briefly interrupted while
link goes down and up (flaps) and the network card switches into hardware
bypass. Traffic is not inspected during hardware bypass.
• After the update finishes, traffic is again briefly interrupted while link flaps
and the network card switches out of bypass. After the endpoints reconnect
and reestablish link with the sensor interfaces, traffic is inspected again.
IMPORTANT!
The configurable bypass option is not supported on virtual
devices, Sourcefire Software for X-Series, non-bypass NetMods on
8000 Series devices, or SFP transceivers on 71xx Family devices.
Inline
Network traffic is blocked throughout the update.
Passive
Network traffic is not interrupted, but also is not inspected during the update.