Manualsbrain.com
  1. Инструкции и руководства
  2. Бренды
  3. Cisco
  4. Cisco FirePOWER Appliance 8290
  5. Примечания к выпуску

Примечания к выпуску для Cisco Cisco FirePOWER Appliance 8290

Скачать
Страница из 44
Version 5.2.0.8
Sourcefire 3D System Release Notes
35
Known Issues
If Greenwich Mean Time (GMT, also known as UTC) is not your local 
timezone, scheduled geolocation database (GeoDB) updates may fail. If 
your local timezone is +X number of hours from GMT, schedule GeoDB 
updates for 
X:00
 or later. If your local timezone is -X number of hours from 
GMT, schedule GeoDB updates for 
(24:00 - X)
 or earlier. For example, if 
your local timezone is UTC-5, schedule updates before 
19:00
 local time. 
(135756)
The documentation incorrectly states the following: 
If a secondary 
device fails, the primary device continues to sense traffic, 
generate alerts, and send traffic to all secondary devices. On 
failed secondary devices, traffic is dropped. A health alert 
is generated indicating loss of link. 
The documentation should specify that, if the secondary device in a stack 
fails, inline sets with configurable bypass enabled go into bypass mode on 
the primary device. For all other configurations, the system continues to 
load balance traffic to the failed secondary device. In either case, a health 
alert is generated to indicate loss of link. (138269)
The documentation does not reflect that, if you enable an intrusion rule that 
checks for a flowbits state on traffic over a port, and enable at least one 
other rule that affects assigning the same flowbits state for traffic over the 
same port, when you apply or reapply the policy, the system does not 
automatically enable any other rule within the policy that affects assigning 
that flowbits state. (138507, 141143)
In an access control policy, the system processes certain Trust rules before 
the policy’s Security Intelligence blacklist. Trust rules placed before either 
the first Monitor rule or before a rule with an application, URL, user, or 
geolocation-based network condition are processed before the blacklist. 
That is, Trust rules that are near the top of an access control policy (rules 
with a low number) or that are used in a simple policy allow traffic that 
should have been blacklisted to pass uninspected instead. (138743, 139017)
Security Issue
 Sourcefire is aware of a vulnerability inherent in the Intelligent 
Platform Management Interface (IPMI) standard (CVE-2013-4786). Enabling 
Lights-Out Management (LOM) on an appliance exposes this vulnerability. 
To mitigate the vulnerability, deploy your appliances on a secure 
management network accessible only to trusted users and use a complex, 
non-dictionary-based password. To prevent exposure to the vulnerability, do 
not enable LOM. If you enable LOM and expose this vulnerability, change 
the complex password every three months. (139286, 140954)
The documentation does not reflect that, if you register a cluster, stack, or 
clustered stack of devices to a Defense Center, you may have to manually 
reapply the device configuration. (142411, 141602)
In some cases, if you generate a report from a report template, reports only 
display the IP address if the system cannot resolve the IP address to a host 
name. (142640)The documentation does not reflect that Lights-Out 
Management (LOM) users on 7100 Family devices must limit their 
password to 16 characters rather than 20 characters. (142752)