Cisco Cisco Firepower Management Center 4000
Version 5.2.0.6
Sourcefire 3D System Release Notes
29
Issues Resolved in Version 5.2.0.6
•
Resolved an issue where the system restarted during intrusion policy apply
due to detected SMTP preprocessor changes, even if there were no
changes to the SMTP preprocessor. (116830)
•
Resolved an issue where the system incorrectly identified versions of
Internet Explorer while the browser operated in compatibility mode.
(117530)
•
Resolved an issue that prevented you from suppressing a GID 134 rule.
(117593)
•
Resolved an issue where drilling down to the operating systems table view
from the Network Information graph in the Context Explorer improperly
constrained the data. (117996)
•
Improved the performance of the HTTP inspect preprocessor. (118025,
118713, 119009)
•
Improved the performance of incident generation and reporting in intrusion
policies. (118096, 118121)
•
Improved the performance of line charts in dashboard widgets. (118173)
•
Resolved an issue where, in rare cases, end-of-connection events were not
logged. (118688)
•
Resolved an issue where the system truncated text in long syslog
messages. (118816)
•
Resolved an issue where some TCP connections detected by virtual
devices were not logged to the Defense Center. (118827)
•
Resolved an issue with the formatting of text files sent with email alerts by
the Defense Center. (119267)
•
Improved the IP defragmentation preprocessor to avoid a possible evasion
using packet fragments. (119531)
•
Resolved an issue where TCP connections that were reset took a long time
to generate connection events. (119557)
•
Resolve an issue where the system experienced issues with packet
reassembly when the port configuration in an applied intrusion policy
differed from the base intrusion policy. (119714)
•
Improved functionality of access control rules with user conditions. (119962)
•
Resolved an issue where intrusion rules using the
file_data
keyword did
not drop traffic if Drop when Inline was disabled in the base intrusion policy.
(120156)
•
Resolved an issue where the TCP stream preprocessor did not correctly
identify the server in HTTP traffic when detected midstream. (120170)
•
Improved Teredo traffic decoding. (120292)
•
Resolved an issue where, in some cases, intrusion events generated during
a network discovery policy apply were associated with incorrect security
zones. (120316)