Cisco Cisco Firepower Management Center 2000
Firepower System Release Notes
Known Issues
32
Resolved an issue where, if a host generated an Indication of Compromise (IoC) and you disabled the IoC for
that host on the Host Profile page, the Indications of Compromise by Host dashboard widget incorrectly
displayed the IoC when it should not. (CSCuv41376)
that host on the Host Profile page, the Indications of Compromise by Host dashboard widget incorrectly
displayed the IoC when it should not. (CSCuv41376)
Resolved an issue where, if you created an SSL policy default action set to
Decrypt - Known Key
or
Decrypt - Resign
on a 7000 Series or 8000 Series device and you choose to resume the SSL session with a different source IP
address, SSL inspection failed and the connection log displayed an incorrect SSL policy default action.
(CSCuv48689)
address, SSL inspection failed and the connection log displayed an incorrect SSL policy default action.
(CSCuv48689)
You can now view server names and association classification through the
show ntp
CLI command on your
Firepower Threat Defense devices. (CSCuv57818)
Improved file detection and blocking. (CSCuv59181)
To suppress IPv6 router advertisement messages on a Firepower Threat Defense device, clear the
Enable RA
checkbox in the Settings page (
Device > Device Management > Interfaces> IPv6 > Settings
) under the device interface
configuration on the Firepower Management Center. (CSCuv62594)
Improved memory utilization for port ranges in access control rules. (CSCuv64114)
Resolved an issue where, if you registered many devices or configured many interfaces on a managed device
or created many VPN deployments, the system did not generate information for all of the devices or interfaces
or VPN deployments on their respective pages. (CSCuv76287)
or created many VPN deployments, the system did not generate information for all of the devices or interfaces
or VPN deployments on their respective pages. (CSCuv76287)
Improved Health Monitor alerting. (CSCuv96121)
Resolved an issue where merging intrusion policy layers generated errors. (CSCuw34380)
Improved email notification reliability. (CSCuw36354)
Resolved an issue where, in some cases, the system experienced errors caused by invalid username values.
(CSCuw39725)
(CSCuw39725)
Resolved an issue where, if you switched from Serial Over Lan (SOL) to Lights-out-Management (LOM) on a
MC4000, or vice versa, the system’s console port did not work. (CSCuw67319)
MC4000, or vice versa, the system’s console port did not work. (CSCuw67319)
Resolved an issue where, if you enabled SSL debug logging via the s
ystem support ssl-debug
or
system
support debug-DAQ-NSE
CLI command and your system experienced a high amount of traffic for an extended
amount of time, the system experienced disk space issues. (CSCuw68004)
Known Issues
You can view known issues reported in this release using the Cisco Bug Search Tool
(
(
https://tools.cisco.com/bugsearch/
). A Cisco account is required.
The following known issues are reported in Version 6.0.1:
The system allows you to select a custom context on the ASA FirePOWER Configuration page (Configuration
> ASA FirePOWER Configuration) of an ASA Firepower module managed by ASDM running Version 6.0.1
even though custom context is not supported on devices managed by ASDM. Cisco strongly recommends
using admin context on the ASA FirePOWER Configuration page. (CSCus71713, CSCuy18360)
> ASA FirePOWER Configuration) of an ASA Firepower module managed by ASDM running Version 6.0.1
even though custom context is not supported on devices managed by ASDM. Cisco strongly recommends
using admin context on the ASA FirePOWER Configuration page. (CSCus71713, CSCuy18360)
In some cases, the system takes several minutes or longer to save and update the base layer of an intrusion
policy. (CSCux00181)
policy. (CSCux00181)
The system may experience dropped packets if you edit the access control policy to an intrusion preventative
default action and deploy to registered devices configured with routed, transparent, or inline interfaces.
(CSCux02726)
default action and deploy to registered devices configured with routed, transparent, or inline interfaces.
(CSCux02726)
In some cases, if a 7000 Series or 8000 Series high availability pair and the Firepower Management Center
experiences a disruption in communication, you cannot break the high availability pair. If you cannot break a
high availability pair, contact Support. (CSCux18768)
experiences a disruption in communication, you cannot break the high availability pair. If you cannot break a
high availability pair, contact Support. (CSCux18768)