Release Notes

Version 5.2.0.2 Sourcefire 3D System Release Notes
Known Issues
The following known issues were reported in Version 5.2.0.2:
• In some cases, the system generates impact flag alerts that contain
  incorrect intrusion event classifications. (125934)
• If a managed device processes traffic only from the initiator of a TCP
  connection, the system does not log a connection event at the end of the
  connection. (126040)
• If you create a custom saved search for intrusion events with the Generator
  (GID) field populated, the search returns empty. (126109)
• In some cases, connection logs incorrectly identify the responder as the
  initiator. (126151)
• In some cases after completing a scheduled rule update import and
  subsequent intrusion policy reapply, Defense Centers in a high availability
  configuration may incorrectly show intrusion policies as out-of-date.
  (126670)
• In some cases, IPv6-in-IPv4 traffic does not match an access control rule
  that uses a port condition for IPv6 (41) and that has an Allow, Monitor, or
  Interactive Block action. Instead, the system handles this traffic using the
  next matching rule. (126746)
• In some cases, the eStreamer client fails to deserialize network discovery
  user events and the system generates an error message. As a workaround,
  clear the User Activity checkbox in the eStreamer Event Configuration
  (System > Local > Registration). (126827)
• If the system logs the only intrusion event associated with a connection as
  Would have dropped, the associated connection logs with the incorrect
  action of Block. (127141)
• In rare cases, the system detects a user login through network discovery
  but the Defense Center incompletely logs the user data. (127274)
• If you register a managed device as the only device on a Defense Center
  with an existing custom network discovery policy configuration, the device
  does not detect hosts or users until you edit, modify, and reapply the
  existing network discovery policy. (127633)
• If you remove a NetMod from a device managed by a Defense Center in a
  high availability configuration, the system generates an error message
  when you edit the device configuration. You cannot replace one NetMod
  with another in this type of deployment. (128091)