Cisco FirePOWER Appliance 8120 Release Notes

Version 5.3
Sourcefire 3D System Release Notes
Known Issues
In some cases, if you configure an access control policy with a Monitor rule
(which forces end-of-connection logging) and a Trust rule with Log at
Beginning of Connection enabled, the system may not generate
end-of-connection events for matching SSH-encrypted traffic. As a
workaround, configure the rules as stated above and add an Allow rule
directly above the Trust rule. Configure the Allow rule with the same
conditions as your Trust rule, with both Log at Beginning of Connection and Log
at End of Connection enabled, and with an application condition that matches
SSH-encrypted traffic. (135952)

If you schedule a task with Report as the job type, the system does not
attach the report to the emailed status report. (136026)

In some cases, the system restricts access to the User Management page
(System > Local > User Management) on physical managed devices. As a
workaround, access the User Management page as the admin user by
manually entering the URL: https://appliance/admin/user/view/cgi
where appliance is the IP address or name of the appliance. (136079)

If you apply an access control policy to multiple devices, the Defense
Center displays the task status differently on the Task Status page, the
Access Control policy page, and the Device Management page of the web
interface. The status on the Device Management page (Devices > Device
Management) is correct. (136364, 136614)

In some cases, if you create a custom workflow based on the health events
table, the Defense Center displays conflicting data in the event viewer.
(136419)

If you import a custom intrusion rule as an .rtf file, the system does not
warn you that the .rtf file type is not supported. (136500)

If you disable a physical interface, the logical interfaces associated with it
are disabled but remain green on the Interfaces tab of the appliance editor
for that managed device. (136560)

Connection events logged to the syslog or SNMP trap server may have
incorrect URL Reputation values. (138504)

In an access control policy, the system processes certain Trust rules before 
the policy’s Security Intelligence blacklist. Trust rules placed before either 
the first Monitor rule or before a rule with an application, URL, user, or 
geolocation-based network condition are processed before the blacklist. 
That is, Trust rules that are near the top of an access control policy (rules 
with a low number) or that are used in a simple policy allow traffic that 
should have been blacklisted to pass uninspected instead. (138743, 139017)