Cisco Firepower Management Center 2000

Version 5.2.0.8
Sourcefire 3D System Release Notes
Resolved an issue where users were not prompted to enable the TCP 
stream preprocessor when saving an intrusion policy with the rate-based 
attack prevention preprocessor enabled and the TCP stream preprocessor 
disabled. (122905)
Resolved an issue where, in rare cases, intrusion rules that triggered on 
pruned sessions applied the rule action to current sessions. (122990)
Known Issues
There are no new known issues reported in Version 5.2.0.8.
Known Issues Reported in Previous Releases
The following is a list of known issues that were discovered in previous releases 
of the Sourcefire 3D System:
You must use the Defense Center’s web interface to unregister a managed 
device. If you unregister a device using either the device’s web interface or 
its command line interface (CLI), it is not removed from the Defense Center. 
(112659)
The system will generate a health alert if the Defense Center is unable to
connect to the Sourcefire cloud. To troubleshoot, ensure the connection
from the Defense Center to the Sourcefire cloud (54.243.248.19 and
54.243.248.162) on port 32137 is working properly. (112708)
If multiple files are attached to a single email, the system may incorrectly 
identify files after the first. (114523)
If you attempt to create multiple static NAT rules with the same original 
values, the system may experience issues with traffic mapping. (116148)
In some cases, the Defense Center may show a cluster in a degraded state 
when it has already recovered, generating extraneous system alerts. 
(118122)
When Lights-Out Management is enabled, the system also enables a web 
server in the background. The web server does not drain system resources 
and has no known exploits. (119456)
Sourcefire documentation currently does not reflect that, on a Series 3 
device, TCP connections matching a Trust access control rule on the first 
packet generate different events depending on the presence of a Monitor 
rule. If an active Monitor rule is present, the system generates both a 
beginning and end-of-connection event, as expected. If no Monitor rule is
active, the system does not generate a beginning-of-connection event. 
(121060)
Do not name security zone objects using the pound sign (#); it may cause
errors during device reconfiguration. (121514)