Cisco Cisco Firepower Management Center 2000
36
FireSIGHT System Release Notes
Known Issues
Resolved an issue where excessive saved revisions to the intrusion policy caused system performance issues.
(141501/CSCze92792)
(141501/CSCze92792)
Resolved an issue where the passive interfaces not in security zones on 3D9900 devices did not generate intrusion
or connection events. (141663/CSCze93022)
or connection events. (141663/CSCze93022)
You can now enable rules from the packet view of a generated event when you select the Set this rule to generate
events in all locally created policies option from the actions menu. (142058/CSCze93416)
events in all locally created policies option from the actions menu. (142058/CSCze93416)
Resolved an issue where, in rare cases, Series 3 devices experienced delays during device shutdown.
(142110/CSCze93561)
(142110/CSCze93561)
Resolved an issue where, if the Defense Center sent a file to the cloud to perform a dynamic analysis in a sandbox
environment and the cloud was not available within 50 minutes, the file’s status remained Sent for Analysis instead
of a timed out status. (142309/CSCze93757)
environment and the cloud was not available within 50 minutes, the file’s status remained Sent for Analysis instead
of a timed out status. (142309/CSCze93757)
Resolved an issue where, if the Defense Center incorrectly assigned an invalid serial header, the Defense Center
failed to send events to the eStreamer client. (143201/CSCze93686)
failed to send events to the eStreamer client. (143201/CSCze93686)
Resolved an issue where, if you clicked on an application in the Denied Connections by Application dashboard
widget, the system did not properly constrain the resulting event view to blocked connections.
(143376/CSCze93645)
widget, the system did not properly constrain the resulting event view to blocked connections.
(143376/CSCze93645)
Resolved an issue where, if you generated a report in CSV format only, report section queries would ignore the option
to inherit the time window. (143403/CSCze94376)
to inherit the time window. (143403/CSCze94376)
Resolved an issue where the Modbus preprocessor failed to generate events after the system missed or dropped a
packet. (142450/CSCze95921)
packet. (142450/CSCze95921)
Resolved an issue where, if you created an access control policy that referenced an SSL policy set to decrypt traffic,
policy apply failed. (144518/CSCze94864)
policy apply failed. (144518/CSCze94864)
Resolved an issue where, if you created an intrusion policy or network analysis policy and added a shared layer to
it, then exported and imported the new policy the system generated a Back-end failed for import error and did not
import the policy. (144905/CSCze96093)
it, then exported and imported the new policy the system generated a Back-end failed for import error and did not
import the policy. (144905/CSCze96093)
Known Issues
The following known issues are reported in Version 5.4.0.7 and Version 5.4.1.6:
If you plan on updating the system to Version 6.0, you must install the FireSIGHT System Version 6.0 Pre-Installation
package prior to updating the Version 6.0. For more information, see the
package prior to updating the Version 6.0. For more information, see the
.
In some cases, if you change the order of access control rules and apply, policy apply fails. (CSCus64721)
In some cases, if you edit the Interfaces page (Configuration > ASA FirePOWER Configuration > Device
Management > Interfaces) of an ASA 5506-X, ASA 5506H-X, ASA 5506W-X, ASA 5508-X, or ASA 5516-X and
add a security zone, then click Store ASA FirePOWER Changes, the system generates an Unable to load container
(311014dd-c9b1-4ae4-b566-ad2b128a7d57) error. (CSCut85300)
Management > Interfaces) of an ASA 5506-X, ASA 5506H-X, ASA 5506W-X, ASA 5508-X, or ASA 5516-X and
add a security zone, then click Store ASA FirePOWER Changes, the system generates an Unable to load container
(311014dd-c9b1-4ae4-b566-ad2b128a7d57) error. (CSCut85300)
In some cases, a clustered ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X, or ASA 5555-X device is
separated from the cluster due to an erroneous health check failure. As a workaround, if the device status is healthy,
add the device in the cluster again. (CSCuu10394
separated from the cluster due to an erroneous health check failure. As a workaround, if the device status is healthy,
add the device in the cluster again. (CSCuu10394
In some cases, if you enable the use of a proxy on your Defense Center and Create FireAMP Connection on the
Amp Management page (Amp > Amp Management), the system does not include Private Cloud in the Cloud Name
drop-down list when it should. (CSCuu16374)
Amp Management page (Amp > Amp Management), the system does not include Private Cloud in the Cloud Name
drop-down list when it should. (CSCuu16374)