Cisco Cisco FirePOWER Appliance 8290
Version 5.3.0.8
Sourcefire 3D System Release Notes
28
Known Issues
•
If you create an access control rule and set the default action to Interactive
Block, then edit the interactive block response page on the HTTP
Responses tab of the Default Access Control page (Policies > Access Control)
in Japanese, the interactive block page does not generate a Continue button
to bypass the interactive block page. (CSCuw21450)
•
If you apply an access control policy with the default action set to Network
Discovery that contains an access control rule configured to Block ICMPv6
traffic to an 8000 Series, the system does not generate events when traffic
is blocked when it should. (CSCuw36033)
•
If a user belongs to a group included in an LDAP user awareness object but
the group the user belongs to is set as the primary group on the Active
Directory server, the user is not included in the list of access-controlled
users downloaded from the Active Directory server and you cannot add that
user to an access control rule. (CSCuv03821)
•
In some cases, if you configure a system policy to use remote NTP server
to synchronize time to a system with a registered ASA 5500-X device or a
Series 3 device running a version older than Version 5.4 and you experience
a leap second, your system may use a high amount of CPU. (CSCuv11738)
•
In some cases, if you generate a report template with a custom logo and
create a backup file, then backup and restore the Defense Center, the
backup file does not save the custom logo in the report template.
(CSCuv44883)
•
In some cases, if you register a virtual device to a Defense Center running
Version 5.3.0 and add a protect and control license, then update the system
to Version 5.3.0.7, the system incorrectly displays the virtual device's IP
address as Sourcefire3D in the Name column and Unlicensed in the License
Type column of the Device Management page (Devices > Device
Management). (CSCux25785)
•
The system does not automatically trim oversized UDP packets to match
the configured MTU value when it should and over time drops traffic that is
oversized. (CSCux51826)
•
In some cases, updating a managed device fails and the system does not
indicate why in Task Status. If you update a device and the update fails
without a reason, contact Support. (CSCux56288)
•
If you filter intrusion rules on the Rule State page (Rule Configuration > Rule
State) and search for the
FlowBit
keyword, the system generates
inconsistent results. (CSCuy13901)
•
If you remove a user from all groups within a realm referenced in the access
control policy and deploy configuration changes, then click Download users
and groups from the Access Control tab, the system does not update the
deployed configuration and continues to process traffic as if the group(s)
still contained the user. (CSCuy39685)