Примечания к выпуску для Cisco Cisco Firepower Management Center 2000

In rare cases, the system may not generate events for intrusion rules 141:7 or 142:7. 
(132973/CSCze89252)

In some cases, remote backups of managed devices include extraneous unified files, generating large 
backup files on your Defense Center. (133040/CSCze89204)

You must edit the maximum transmission unit (MTU) on a Defense Center or managed device using 
the appliance’s CLI or shell. You cannot edit MTUs via the user interface. (133802/CSCze89748)

If you create a URL object with an asterisk (

*

) in the URL, the system does not generate preempted 

rule warnings for access control policies containing rules that reference the object. Do not use 
asterisks (

*

) in URL object URLs. (134095/CSCze88837, 134097/CSCze88846)

If you configure your intrusion policy to generate intrusion event syslog alerts, the syslog alert 
message for intrusion events generated by intrusion rules with preprocessor options enabled is 

Snort 

Alert

, not a customized message. (134270/CSCze88831)

If the secondary device in a stack generates an intrusion event, the system does not populate the table 
view of intrusion events with security zone data. (134402/CSCze88843)

If you configure an Nmap scan remediation with the 

 option enabled, Nmap remediation 

fails. As a workaround, disable the 

 option. (134499/CSCze88810)

If you generate a report containing connection event summary data based on a connection event table 
saved search, reports on that table populate with no data. (134541/CSCze89348)

Scheduling and running simultaneous system backup tasks negatively impacts system performance. 
As a workaround, stagger your scheduled tasks so only one backup runs at a time. 
(134575/CSCze89679)

If you edit a previously configured LDAP connection where user and group access control 
parameters are enabled, clicking 

 does not populate the Available Groups box. You must 

re-enter your password when editing an LDAP connection in order to fetch available groups. 
(134872/CSCze89834)

In some cases, if you enable 

 in the 

 section of the Event View 

Settings page, hostnames associated with IPv6 addresses may not resolve as expected in the 
dashboard or event views. (135182/CSCze90155)

Configuring a proxy server to authenticate with a Message Digest 5 (MD5) password encryption for 
malware cloud lookups is not supported. (135279/CSCze89442)

You cannot enter more than 450 characters in the 

 field when creating an LDAP 

authentication object. (135314/CSCze89081)

In some cases, if you schedule a task while observing Daylight Saving Time (DST), the task does 
not run during periods when you are not observing DST. As a workaround, select 

 as 

your local time zone on the Time Zone Preference page (

) and recreate the 

task during a period when you are not observing DST. (135480)

The system requires additional time to reboot appliances or ASA FirePOWER devices running 
Version 5.3 or later due to a database check. If errors are found during the database check, the reboot 
requires additional time to repair the database. (135564, 136439)

In some cases, the system may generate a false positive for the SSH preprocessor rule 128:1. 
(135567/CSCze89434)

If you apply an intrusion policy containing a rule with the 

 HTTP 

preprocessor option enabled, the system may populate intrusion events with incorrect data in the 

 field if traffic passes through a dedicated proxy server. (135651/CSCze89056)

If you schedule a task with 

 as the job type, the system does not attach the report to the emailed 

status report. (136026/CSCze90265)