Cisco Cisco Firepower Management Center 2000 發佈版本通知
38
FireSIGHT System Release Notes
Known Issues
Resolved an issue where, if you created an intrusion policy or network analysis policy and added a shared layer to
it, then exported and imported the new policy the system generated a Back-end failed for import error and did not
import the policy. (144905/CSCze96093)
it, then exported and imported the new policy the system generated a Back-end failed for import error and did not
import the policy. (144905/CSCze96093)
Known Issues
The following known issues are reported in Version 5.4.0.8 and Version 5.4.1.7:
If you plan on updating the system to Version 6.0, you must install the FireSIGHT System Version 6.0 Pre-Installation
package prior to updating the Version 6.0. For more information, see the
package prior to updating the Version 6.0. For more information, see the
.
In rare cases, if you request archived eStreamer events, the system may not return all the events between the
requested timestamp and the current time. Requesting current eStreamer events functions correctly.
(142742/CSCze94012)
requested timestamp and the current time. Requesting current eStreamer events functions correctly.
(142742/CSCze94012)
Adding an IP address to the Security Intelligence Global Whitelist does not add the IP address to an Access Control
Policy as a Trust Rule. Adding an IP address to the Security Intelligence Global Blacklist will block all traffic to or from
the identified IP address. (CSCuu20110)
Policy as a Trust Rule. Adding an IP address to the Security Intelligence Global Blacklist will block all traffic to or from
the identified IP address. (CSCuu20110)
The system does not include audit log entries for login attempts with <script>alert(1)</script> as the user name.
(CSCuu39516)
(CSCuu39516)
In rare cases, if you enable Inspect HTTP Responses as a server-level http normalization option, the system does
not detect files containing 16,000 or more non-printable characters. (CSCuy43267,CSCuy43369)
not detect files containing 16,000 or more non-printable characters. (CSCuy43267,CSCuy43369)
In some cases, if you delete the permanent license from the Licenses page (System > Licenses), the Device
Management page (Devices > Device Management) does not display Unlicensed for devices the permanent
license was deleted from when it should and policy apply fails. As a workaround, edit the Licenses section of the
Device page (Devices > Device Management > Device) and apply changes. (CSCuu96447)
Management page (Devices > Device Management) does not display Unlicensed for devices the permanent
license was deleted from when it should and policy apply fails. As a workaround, edit the Licenses section of the
Device page (Devices > Device Management > Device) and apply changes. (CSCuu96447)
If you change the SSL CA certificate that is used for decryption in an SSL policy and apply an SSL policy containing
a rule to a Cisco ASA with FirePOWER Services device or an ASA with Firepower Threat Defense device, the lock
icon in the SSL Status column in the table view of the Connection Events page (Analysis > Connections > Events)
is incorrectly grayed out for events generated by the SSL rule. As a workaround, disable the re-enable the SSL rule.
(CSCuw51847)
a rule to a Cisco ASA with FirePOWER Services device or an ASA with Firepower Threat Defense device, the lock
icon in the SSL Status column in the table view of the Connection Events page (Analysis > Connections > Events)
is incorrectly grayed out for events generated by the SSL rule. As a workaround, disable the re-enable the SSL rule.
(CSCuw51847)
If you update a Series 3 device from Version 5.4.0 to 5.4.0.2 or later and the system time is incorrectly set to date
that is before Oct 3, 2014, the install fails. As a workaround, set the system date to the correct date prior to
installing.(CSCuw62108)
that is before Oct 3, 2014, the install fails. As a workaround, set the system date to the correct date prior to
installing.(CSCuw62108)
In some cases, updating virtual Defense Centers running VMware from a Version 5.4.x to a later Version of 5.4.x fails.
As a workaround, individually install all the required patches to the virtual Defense Center. (CSCuw65577)
As a workaround, individually install all the required patches to the virtual Defense Center. (CSCuw65577)
In some cases, if you cluster two stacks of 3D8250 devices and apply an access control policy containing an intrusion
policy, then the secondary stack in the cluster goes into maintenance mode and you edit the access control policy,
applying the modified access control policy causes the system to incorrectly remove the access control policy from
the active stack in the cluster. (CSCuw73470)
policy, then the secondary stack in the cluster goes into maintenance mode and you edit the access control policy,
applying the modified access control policy causes the system to incorrectly remove the access control policy from
the active stack in the cluster. (CSCuw73470)
In some cases, if user IP and group mappings are being streamed to a managed device while the mappings are being
updated on the Defense Center, the network map on the managed device may not update correctly and may not
match the network map on the Defense Center. If your Defense Center and managed devices appear to have
different network maps, contact Support. (CSCux12245)
updated on the Defense Center, the network map on the managed device may not update correctly and may not
match the network map on the Defense Center. If your Defense Center and managed devices appear to have
different network maps, contact Support. (CSCux12245)
In some cases, updating a managed device fails and the system does not indicate why in Task Status. If you update
a device and the update fails without a reason, contact Support. (CSCux56288)
a device and the update fails without a reason, contact Support. (CSCux56288)
In some cases, if you set the default time zone to Europe and Moscow on the Time Zone Preference tab (User Name
> User Preferences > Time Zone Preference), the system displays an incorrect timestamp on generated events.
(CSCux66887)
> User Preferences > Time Zone Preference), the system displays an incorrect timestamp on generated events.
(CSCux66887)