Cisco Cisco IPS 4520 Sensor 릴리즈 노트
71
Release Notes for Cisco Intrusion Prevention System 7.1(6)E4
OL-27710-01
Caveats
•
On IPS sensors with multiple processors (for example, the IPS 4260 and IPS 4270-20), packets may
be captured out of order in the IP logs and by the packet command. Because the packets are not
processed using a single processor, the packets can become out of sync when received from multiple
processors.
be captured out of order in the IP logs and by the packet command. Because the packets are not
processed using a single processor, the packets can become out of sync when received from multiple
processors.
•
TACACS+ authentication is not supported in IPS 7.1(6)E4.
•
The CLI timeout feature is applicable only for sessions established through SSH, Telnet, and the
console. Service account logins are not affected.
console. Service account logins are not affected.
•
Anomaly detection does not support IPv6 traffic; only IPv4 traffic is directed to the anomaly
detection processor.
detection processor.
•
IPv6 does not support the following event actions: Request Block Host, Request Block Connection,
or Request Rate Limit.
or Request Rate Limit.
•
Global correlation does not support IPv6.
•
There is no support for IPv6 on the management (command and control) interface.
•
ICMP signature engines do not support ICMPv6, they are IPv4-specific, for example, the Traffic
ICMP signature engine. ICMPv6 is covered by the Atomic IP Advanced signature engine.
ICMP signature engine. ICMPv6 is covered by the Atomic IP Advanced signature engine.
•
CSM and MARS do not support IPv6.
•
When deploying an IPS sensor monitoring two sides of a network device that does TCP sequence
number randomization, we recommend using a virtual senor for each side of the device.
number randomization, we recommend using a virtual senor for each side of the device.
•
For IPS 5.0 and later, you can no longer remove the cisco account. You can disable it using the no
password cisco command, but you cannot remove it. To use the no password cisco command, there
must be another administrator account on the sensor. Removing the cisco account through the
service account is not supported. If you remove the cisco account through the service account, the
sensor most likely will not boot up, so to recover the sensor you must reinstall the sensor system
image.
password cisco command, but you cannot remove it. To use the no password cisco command, there
must be another administrator account on the sensor. Removing the cisco account through the
service account is not supported. If you remove the cisco account through the service account, the
sensor most likely will not boot up, so to recover the sensor you must reinstall the sensor system
image.
•
After you upgrade any IPS software on your sensor, you must restart the IDM to see the latest
software features.
software features.
•
The IDM does not support any non-English characters, such as the German umlaut or any other
special language characters. If you enter such characters as a part of an object name through IDM,
they are turned into something unrecognizable and you will not be able to delete or edit the resulting
object through IDM or the CLI. This is true for any string that is used by the CLI as an identifier,
for example, names of time periods, inspect maps, server and URL lists, and interfaces.
special language characters. If you enter such characters as a part of an object name through IDM,
they are turned into something unrecognizable and you will not be able to delete or edit the resulting
object through IDM or the CLI. This is true for any string that is used by the CLI as an identifier,
for example, names of time periods, inspect maps, server and URL lists, and interfaces.
•
When SensorApp is reconfigured, there is a short period when SensorApp is unable to respond to
any queries. Wait a few minutes after reconfiguration is complete before querying SensorApp for
additional information.
any queries. Wait a few minutes after reconfiguration is complete before querying SensorApp for
additional information.
•
The IDM and IME launch MySDN from the last browser window you opened, which is the default
setting for Windows. To change this default behavior, in Internet Explorer, choose Tools > Internet
Options, and then click the Advanced tab. Scroll down and uncheck the Reuse windows for
launching shortcuts check box.
setting for Windows. To change this default behavior, in Internet Explorer, choose Tools > Internet
Options, and then click the Advanced tab. Scroll down and uncheck the Reuse windows for
launching shortcuts check box.
Caveats
This section lists the resolved and unresolved caveats, and contains the following topics:
•
•