This document contains important information about the current release. We strongly recommend that you read the entire document.

Similar documents
Stonesoft Management Center. Release Notes Revision C

Stonesoft Management Center. Release Notes Revision B

Stonesoft Management Center. Release Notes Revision B

Stonesoft Management Center. Release Notes Revision A

Stonesoft Management Center. Release Notes Revision B

NGFW Security Management Center

NGFW Security Management Center

NGFW Security Management Center

Stonesoft Management Center. Release Notes Revision A

NGFW Security Management Center

NGFW Security Management Center

NGFW Security Management Center

NGFW Security Management Center

NGFW Security Management Center

NGFW Security Management Center

NGFW Security Management Center

NGFW Security Management Center

Stonesoft Management Center. Release Notes Revision A

NGFW Security Management Center

NGFW Security Management Center

NGFW Security Management Center

NGFW Security Management Center

NGFW Security Management Center

Stonesoft Management Center. Release Notes for Version 5.6.1

StoneGate Management Center. Release Notes for Version 5.1.4

This release of the product includes these new features that have been added since NGFW 5.5.

Stonesoft Management Center. Release Notes for Version 5.5.1

This release of the product includes these new features that have been added since NGFW 5.5.

StoneGate Management Center. Release Notes for Version 5.3.4

StoneGate Management Center. Release Notes for Version 5.3.2

McAfee Next Generation Firewall 5.9.1

This release of the product includes these new features that have been added since NGFW 5.5.

Stonesoft Management Center. Release Notes for Version 5.4.3

Stonesoft Management Center. Release Notes for Version 5.4.6

StoneGate Management Center. Release Notes for Version 5.3.3

This release of the product includes these new features that have been added since NGFW 5.5.

This release of the product includes these new features that have been added since NGFW 5.5.

StoneGate Management Center Release Notes for Version 4.2.1

StoneGate Management Center. Release Notes for Version 4.1.2

Stonesoft Next Generation Firewall. Release Notes Revision B

Stonesoft Next Generation Firewall. Release Notes Revision A

Stonesoft Next Generation Firewall. Release Notes Revision C

StoneGate Management Center. Release Notes for Version 4.0.1

This release of the product includes these new features that have been added since NGFW 5.5.

Stonesoft Next Generation Firewall

Next Generation Firewall

Stonesoft Management Center. Release Notes for Version 5.5.0

Network Security Platform 8.1

Network Security Platform 8.1

McAfee Network Security Platform 8.1

McAfee Network Security Platform 8.3

McAfee Network Security Platform 9.1

This release of the product includes these new features that have been added since NGFW 5.7.

McAfee Firewall Enterprise and 8.3.x

Network Security Platform 8.1

Endpoint Intelligence Agent 2.2.0

Network Security Platform 8.1

This release of the product includes these new features that have been added since NGFW 5.5.

McAfee Network Security Platform 9.1

McAfee Network Security Platform 9.1

Network Security Platform 8.1

============================================================

Stonesoft VPN Client. for Windows Release Notes Revision A

McAfee Network Security Platform

McAfee Network Security Platform 9.1

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3

McAfee Network Security Platform 9.1

Stonesoft VPN Client. for Windows Release Notes Revision A

McAfee Firewall Enterprise epolicy Orchestrator Extension

Deploying the hybrid solution

McAfee Advanced Threat Defense Release Notes

McAfee Network Security Platform

Product overview. McAfee Web Protection Hybrid Integration Guide. Overview

Stonesoft VPN Client. for Windows Release Notes Revision B

Installing Client Proxy software

McAfee Network Security Platform 8.3

McAfee Security Management Center

McAfee Network Security Platform 8.3

McAfee Endpoint Upgrade Assistant 1.5.0

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.1

McAfee Firewall Enterprise

Network Security Platform 8.1

Network Security Platform 8.1

McAfee Web Gateway

McAfee Network Security Platform 9.2

McAfee Virtual Network Security Platform 8.4 Revision A

Network Security Platform 8.1

McAfee Firewall Enterprise 8.3.2P05

This document contains important information about the current release. We strongly recommend that you read the entire document.

McAfee Network Security Platform 8.3

Client Proxy interface reference

Network Security Platform 8.1

Network Security Platform 8.1

Release Notes McAfee Change Control 7.0.0

Network Security Platform 8.1

McAfee Network Security Platform 8.3

McAfee Web Gateway

McAfee Network Security Platform 9.2

Transcription:

Release Notes Revision A McAfee Security Management Center 5.8.3 Contents About this release Resolved issues Installation instructions Upgrade instructions System requirements Build version Compatibility Known issues Find product documentation About this release This document contains important information about the current release. We strongly recommend that you read the entire document. Resolved issues These issues have been resolved since SMC version 5.8.2. For a list of issues that have been resolved in earlier releases, see the Release Notes for the specific release. Issue Diagram not drawn when selecting elements in the System Status view (#105250) Remote upgrade fails due to low disk space (#105510) Description When you select an element in the System Status view, you might see the error message "Auto generation failed", and the diagram showing connectivity to other elements is not drawn. When a remote upgrade is started, a temporary copy of the engine image is made. If there is not enough disk space on the SMC installation partition, the upgrade can fail with the error "rdiff invocation failed, return code [100]:io error". Make sure there is enough disk space. After node reboot, the element status may indicate No Policy Installed (#111656) After rebooting the node, the element status may show "No Policy Installed" and "N/A" as the policy, even though a policy is in use and the element is shown as green. In addition, on the node level the correct policy information is shown. The problem is rare but might occur in some setups. Refresh the policy on the engine. 1

Issue Standby Management Server certification can fail during installation (#113604) Creating encrypted Management Server backup fails (#113786) SSL VPN endpoint conflict not detected (#113875) Alert chain Final Action cannot be changed (#114130) Network elements in Antispoofing and Routing panes may display IP address 0.0.0.0/0 (#114179) Adding blacklist scope for an Inspection rule with the Terminate action fails (#114200) Results in Search Rules view are reset every 15 minutes (#114206) Description Standby Management Server certification can fail during installation. 1. Install the standby server in standalone mode. 2. Certify the server using the command sgcertifymgtsrv.bat/sh - standby. 3. Run sgonlinereplication.bat/sh to initiate the original replication between the servers. If you see the message "Replication operation successfully completed.", the replication succeeded and possible timeout messages can be ignored. Creating an encrypted Management Server backup fails with the following error message: "pad block corrupted." Creating normal Management Server backups works. Policy validation does not detect a conflict if an endpoint is enabled both for the SSL VPN Portal and for an SSL VPN Tunnel and the same port is used for both. Configure different ports for SSL VPN Portal and SSL VPN Tunnel or use separate endpoints for them. The Final Action in an Alert Chain cannot be changed. The Final Action reverts to its original value when you save the Alert Chain. Use either of these workarounds: - Create a new Alert Chain or use the Save As option to save a copy of the Alert Chain. Set the Final Action in the new Alert Chain element. Add the new Alert Chain to the Alert Policy. - Export the Alert Chain element. Edit the XML file and change the value of the final_action attribute to one of the following options: 0=None, 1=Acknowledge, 2=Redirect 3=Return. Import the modified XML file. Network elements that are used in the Routing and Antispoofing panes of the Engine Editor may display IP address 0.0.0.0/0. Network information is still correct in the routing or antispoofing configuration. Open the properties of the Network element and click OK to save and refresh the element. Adding a "Block Traffic Between Endpoints" blacklist scope for an Inspection rule with the Terminate action fails when Connection Source and Connection Destination are selected as the Endpoint Address types. Saving the Action Options fails and an error message is shown: "Blacklist Endpoint 1 address mode and Blacklist Endpoint 2 address mode must be identical." Use another type of blacklist scope, when applicable. The search results in the Search Rules view are reset every 15 minutes when the system internally updates elements. Search results are also reset when you save a change to an element during the same Management Client session. Click another tab in the security policy, and then switch back to the original tab to return to the search results. 2

Issue Node-Initiated Contact to Management Server option can't be saved (#114270) Policy Snapshot of Firewall that has interfaces with dynamic IP addresses may be corrupted (#114336) Rule with negation expression including Alias element do not match traffic (#114420) Description "Node-Initiated Contact to Management Server" option cannot be saved in Engine Editor Interface Options. 1. Right-click the Firewall element and select Tools Export to export the element as an XML file. 2. Open the XML file using a text editor. 3. Change the line reverse_connection="false" to reverse_connection="true" and save the XML file. 4. Create a zip file of the edited XML file. 5. Select File Import Import Elements to import the edited XML file. Policy Snapshot actions, such as View, Compare, or Restore, may result in the following error message: "DTD claims: Required attribute "dynamic_ip" missing from element <dyn_interface_asn_level>." This may happen with Policy Snapshots of Firewall elements that have interfaces with dynamic IP addresses configured. Importing the same Firewall element also fails. After upgrading the SMC to version 5.8.2 and installing a policy, rules with an Expression element that includes negation for an Alias element might not match traffic. A typical problematic expression is the negation of $ Local Protected Sites to represent networks other than local networks. 1. Create an IPv4 network element with the IP address 0.0.0.0 and the netmask 0.0.0.0. 2. Edit the problematic expression, adding at the beginning: ipv4_network intersection (current expression). Installation instructions Note The sgadmin user is reserved for McAfee use on Linux, so it must not exist before the McAfee Security Management Center is installed for the first time. The main installation steps for the McAfee Security Management Center and the Firewall, IPS, or Layer 2 Firewall engines are as follows: 1. Install the Management Server, the Log Server(s), and optionally the Web Portal Server(s). 2. Import the licenses for all components (you can generate licenses on our website at https://my.stonesoft.com/managelicense.do). 3. Configure the Firewall, IPS, or Layer 2 Firewall elements with the Management Client using the Security Engine Configuration view. 4. Generate initial configurations for the engines by right-clicking each Firewall, IPS, or Layer 2 Firewall element and selecting Save Initial Configuration. 5. Make the initial connection from the engines to the Management Server and enter the one-time password provided during Step 4. 6. Create and upload a policy on the engines using the Management Client. The detailed installation instructions can be found in the product-specific installation guides. For a more thorough explanation of using the McAfee Security Management Center, refer to the Management Client online Help or the McAfee SMC Administrator s Guide. For background information on how the system works, consult the McAfee SMC Reference Guide. All guides are available for download at https://www.stonesoft.com/en/customer_care/documentation/current/. 3

Upgrade instructions Note McAfee Security Management Center (Management Server, Log Server and Web Portal Server) must be upgraded before the engines are upgraded to the same major version. McAfee Security Management Center (SMC) version 5.8.3 requires an updated license if upgrading from version 5.7 or lower. Unless the automatic license update functionality is in use, request a license upgrade on our website at https://my.stonesoft.com/managelicense.do and activate the new license using the Management Client before upgrading the software. To upgrade an earlier version of the SMC to McAfee Security Management Center version 5.8.3, we strongly recommend that you stop all the McAfee NGFW services and take a backup before continuing with the upgrade. After taking the backup, run the appropriate setup file depending on the operating system. The installation program detects the old version and does the upgrade automatically. Versions lower than 5.2.0 require an upgrade to version 5.2.0 5.7.4 before upgrading to version 5.8.3. System requirements Basic management system hardware requirements Intel Core family processor or higher recommended, or equivalent on a non-intel platform A mouse or pointing device (for Management Client only) SVGA (1024x768) display or higher (for Management Client only) Disk space for Management Server: 6 GB Disk space for Log Server: 50 GB Memory requirements for 32-bit operating systems: o 2 GB RAM for Server (3 GB minimum if all components are installed on the same server) o 1 GB RAM for Management Client Memory requirements for 64-bit operating systems: o 6 GB RAM for Server (8 GB minimum if all components are installed on the same server) o 2 GB RAM for Management Client Operating systems McAfee Security Management Center supports the following operating systems and versions: Microsoft Windows Server 2012 R2 (64-bit)* Microsoft Windows Server 2008 R1 SP2 and R2 SP1 (64-bit)* Microsoft Windows 7 SP1 (64-bit)* CentOS 6 (for 32-bit and 64-bit x86)** Red Hat Enterprise Linux 6 (for 32-bit and 64-bit x86)** SUSE Linux Enterprise 11 SP3 (for 32-bit and 64-bit x86)** Ubuntu 12.04 LTS (for 64-bit x86)** *) Only the U.S. English language version has been tested, but other locales may work as well. **) 32-bit compatibility libraries lib and libz are needed on all Linux platforms. Note 32-bit Windows environments are no longer officially supported in SMC 5.8. 4

Web Start Clients In addition to the operating systems listed above, McAfee Security Management Center can be accessed through Web Start by using the following Mac OS and JRE versions: Mac OS 10.9 with JRE 1.7.0_67 Build version McAfee Security Management Center version 5.8.3 build version is 8824. This release contains Dynamic Update package 632. Product Binary Checksums smc_5.8.3.8824.iso 8ea1b06e9e36471c832d0ae37cb52d09dc27bc62 9f7f2fbfbdf75a8a777dc3e4190b6629730fef0d21347259fa99577b62326362611b285617f5f5c58 4ed43246b1d688bfc24f5fada80ba7461c72e031e01bf3d smc_5.8.3.8824.zip 888b44159472adf65bb4c763df578aa4af7b78bd ffd5bb6c0295b6b3c622d1a87d6a28c7de9efe7c0b27729d7756730763e7dffecf9fc3acaab98b4dd 6f82351e73707d2f02e1ddf89d3c0a813e89aee9508daf8 smc_5.8.3.8824_linux.zip 4e9dae2dcbf6eea443218853773bfceb440f1e1d a1dfed20ebcb39f0c7ba7b9e61ce444f89b43fe94aa391dc5c9d9b96ed2c9fc06fa7f5d77178c7aa6e d5abe7ac2913d5ca43768f41b7484abdc8f021726804d3 smc_5.8.3.8824_webstart.zip e8bf5bfe080127d227a2c110ced02214ae6bd539 d3c0b767d0d4f72be79849da033fd0d2ea5b5a36a431a053169a9fa680e680577e3d69c0246d059 55ddf3d5bbd136531815b66a6787d6fe8a6cb03385e89910f smc_5.8.3.8824_windows.zip 94bfb3d2c52e3e61cd0223771ae444d0b3a4207d 31c1aaed5f809242a70ff5df0873edf459d33684cb294bcad5ef76ecf6f6a6966e594989d6e260582 1e3abeb89ba96830dd56ed15a0d83107bed961b11869590 5

Compatibility McAfee Security Management Center version 5.8 is compatible with the following McAfee and NGFW component versions: McAfee Next Generation Firewall (NGFW) 5.7 and 5.8 Stonesoft Security Engine 5.4 and 5.5 Stonesoft Firewall engine 5.3 Stonesoft SSL VPN 1.5 McAfee epolicy Orchestrator (McAfee epo) 4.6 and 5.0 McAfee Enterprise Security Manager (McAfee ESM) 9.2.0 and later (9.1.0 CEF only) Note SMC 5.8 no longer supports legacy Stonesoft IPS Analyzers, Combined Sensor-Analyzers, or Sensor versions 5.2 or lower. Native Support To utilize all the features of McAfee Security Management Center version 5.8, the following McAfee component versions are required: McAfee Next Generation Firewall (NGFW) 5.8 Known issues For a list of known issues in this product release, see this McAfee Knowledge Center article: KB82953. Find product documentation McAfee provides the information you need during each phase of product implementation, from installation to daily use and troubleshooting. After a product is released, information about the product is entered into the online Knowledge Center. 1. Go to the McAfee ServicePortal at http://support.mcafee.com and click Knowledge Center. 2. Enter a product name, select a version, then click Search to display a list of documents. Copyright 2015 McAfee, Inc. Do not copy without permission. McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other names and brands may be claimed as the property of others. 00-A 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback