Cisco Cisco Firepower Management Center 2000
4
FireSIGHT System Release Notes
Version 5.3.1.1
Documentation Updates
Tip
Cisco documentation may refer to the Defense Center as the FireSIGHT Management Center. The
Defense Center and the FireSIGHT Management Center are the same appliance.
Defense Center and the FireSIGHT Management Center are the same appliance.
Documentation Updates
You can download all updated documentation from the Support site. In Version 5.3.1.1, the following
documents were updated to reflect the addition of new features and changed functionality and to address
reported documentation issues:
documents were updated to reflect the addition of new features and changed functionality and to address
reported documentation issues:
•
FireSIGHT System User Guide
•
FireSIGHT System eStreamer Integration Guide
The documentation provided for Version 5.3.1.1 contains the following errors:
•
The documentation incorrectly states the following about devices in a stack:
If a secondary
device fails, the primary device continues to sense traffic, generate alerts, and send
traffic to all secondary devices. On failed secondary devices, traffic is dropped. A
health alert is generated indicating loss of link.
The documentation should specify that, by default, if the secondary device in a stack fails, by
default, inline sets with configurable bypass enabled go into bypass mode on the primary device.
For all other configurations, the system continues to load balance traffic to the failed secondary
device. In either case, a health alert is generated to indicate loss of link. (122708, 123380, 138433)
default, inline sets with configurable bypass enabled go into bypass mode on the primary device.
For all other configurations, the system continues to load balance traffic to the failed secondary
device. In either case, a health alert is generated to indicate loss of link. (122708, 123380, 138433)
•
The online help does not reflect that:
The original client IP address that was extracted from an X-Forwarded-For (XFF), True-Client-IP,
or custom-defined HTTP header. To display a value for this field, you must enable the HTTP
preprocessor Extract Original Client IP Address option in the network analysis policy. Optionally,
in the same area of the network analysis policy, you can also specify up to six custom client IP
or custom-defined HTTP header. To display a value for this field, you must enable the HTTP
preprocessor Extract Original Client IP Address option in the network analysis policy. Optionally,
in the same area of the network analysis policy, you can also specify up to six custom client IP
Defense Center
FireSIGHT Defense Center
Cisco FireSIGHT Management Center
Formerly Sourcefire Defense Center
managed device
Formerly Sourcefire managed device
FireSIGHT managed devices
Refers to all devices managed by a FireSIGHT
Defense Center (managed devices and ASA devices)
Defense Center (managed devices and ASA devices)
Cisco Adaptive Security Appliance (ASA)
ASA device
Refers to the Cisco ASA hardware
Cisco ASA with FirePOWER Services
Refers to ASA devices with the ASA FirePOWER
module installed
module installed
ASA FirePOWER module
Refers to the hardware and software modules
installed on compatible ASA devices
installed on compatible ASA devices
ASA software
Refers to the base software installed on Cisco ASA
devices
devices
Table 1
Changes to Terminology
Version 5.3.1 Terminology
Description