Примечания к выпуску для Cisco Cisco Catalyst 6500 Cisco 7600 Router Anomaly Guard Module
12
Release Note for the Cisco Anomaly Guard Module
OL-16151-03
Software Version 6.1(2) Resolved and Open Caveats
•
CSCsl49552—Zone activation fails when four active zones with automatic packet-dump capture are
enabled.
enabled.
Software Version 6.1(2) Open Caveats
The following caveats are open in software version 6.1(2):
•
CSCrh01198—After you reload the Guard module, it erases the default gateway if the gateway is
on the same subnet as one of the configured VLAN interfaces on the module. Workaround: Use a
static route instead of a default gateway.
on the same subnet as one of the configured VLAN interfaces on the module. Workaround: Use a
static route instead of a default gateway.
•
CSCsa64914—The name of the Flexible Filter Drop Count counter in the WBM
Zone > Configuration > General menu should be Flexible Filter Drop Rate. This counter accurately
displays the drop rate of the Flex-Content filter. The General menu also contains the Flexible Filter
Action and Flexible Filter Count fields. When the Flexible Filter Action value is displayed as Drop,
the Flexible Filter Count value displays the number of dropped packets. When the value is displayed
as Count, the Flexible Filter Count value displays the number of counted packets.
Zone > Configuration > General menu should be Flexible Filter Drop Rate. This counter accurately
displays the drop rate of the Flex-Content filter. The General menu also contains the Flexible Filter
Action and Flexible Filter Count fields. When the Flexible Filter Action value is displayed as Drop,
the Flexible Filter Count value displays the number of dropped packets. When the value is displayed
as Count, the Flexible Filter Count value displays the number of counted packets.
Workaround: None.
•
CSCsa78440—The protect-by-packet activation interface does not apply to zones that are on the
same subnet as the Guard module. Workaround: Use another activation interface.
same subnet as the Guard module. Workaround: Use another activation interface.
•
CSCsb07081—The flex-content filter cannot find a pattern in SYN packets. Workaround: None.
•
CSCsb20206—The Web-Based Manager (WBM) remains unresponsive while the pop up window
waits for results from the signature generation process. Even if you close the pop up window
manually, the WBM remains unresponsive while signature generation is in progress. Workaround:
Wait until the pop up window receives a result or issue the no service wbm CLI command in
configuration mode.
waits for results from the signature generation process. Even if you close the pop up window
manually, the WBM remains unresponsive while signature generation is in progress. Workaround:
Wait until the pop up window receives a result or issue the no service wbm CLI command in
configuration mode.
•
CSCsb29083—You cannot assign an identical name to manual packet dumps that you create in
different zones. Workaround: Assign unique names to manual packet dumps.
different zones. Workaround: Assign unique names to manual packet dumps.
•
CSCsc05116—The Guard module may stop functioning or start logging errors after reaching 100%
anomaly detection engine memory utilization. Workaround: Use the show resources command in
global mode to view the amount of anomaly detection engine memory being used by the Guard
module. Reducing the number of active zones may free up memory.
anomaly detection engine memory utilization. Workaround: Use the show resources command in
global mode to view the amount of anomaly detection engine memory being used by the Guard
module. Reducing the number of active zones may free up memory.
•
CSCsc36095—Loopback interfaces 100 and higher disappear or become proxy interfaces when you
upgrade from previous software versions to software version 6.0(x). Workaround: Renumber
loopback interfaces before upgrading the Guard module to software version 6.0(x).
upgrade from previous software versions to software version 6.0(x). Workaround: Renumber
loopback interfaces before upgrading the Guard module to software version 6.0(x).
•
CSCsc51207—The Guard module does not evaluate all conditions defined in the flex-content filter
when the filter is built from more than one offset-based element (for example, udp[64:4]=0x1234)
with “or” between them. If one of the elements has an offset beyond the packet end, the Guard
module does not evaluate the rest of elements. Workaround: Build the filter in a form in which its
elements are ordered by an offset.
when the filter is built from more than one offset-based element (for example, udp[64:4]=0x1234)
with “or” between them. If one of the elements has an offset beyond the packet end, the Guard
module does not evaluate the rest of elements. Workaround: Build the filter in a form in which its
elements are ordered by an offset.
•
CSCsc69508—After you import an HTML file to serve as the login banner, some SSH clients may
not be able to connect to the product. Workaround: None.
not be able to connect to the product. Workaround: None.
•
CSCsd83077—The Guard module responds to a larger size packet than the MTU value set for its
network interfaces. Workaround: None.
network interfaces. Workaround: None.
•
CSCse08139—The CLI session terminates when you press Ctrl-Z several times after issuing the
more 0 command. Workaround: None.
more 0 command. Workaround: None.