Palo Alto Networks PAN-OS 6.1 Release Notes • 45
PAN-OS 6.1.0 Addressed Issues
66482
In some cases you could not access the web interface for an M-100 appliance even
though you could access the appliance through the CLI. The issue is now addressed so
that you can access both the web interface and the CLI on an M-100 appliance.
66372
Fixed an issue where some threat names did not display correctly in threat logs
forwarded from the firewall when the logs were viewed on a syslog server.
66360
Fixed an issue on the Panorama web interface, where hovering the mouse over the
High Availability widget on the Dashboard was displaying incorrect information for
threat versions.
66358
When a copper small form-factor pluggable (SFP) link speed was forced to 1000
Mbits/s, the interface state remained up even if there was no network cable attached.
With the fix, the interface state now reflects the actual state of the network
connectivity.
66208
A brute-force attack on an unprotected management interface on the firewall caused
the /var/log/btmp log file to inflate and consume available disk space. With this fix,
PAN-OS enables a log rotation function for failed SSH logins, such as those from
brute-force attacks.
66021
After a client certificate was revoked, the GlobalProtect™ portal allowed users to log
in one more time. After resolving this issue, GlobalProtect blocks all login attempts
after revoking the client certificate.
66005
Previously, show_log_system.txt in the techsupport file contained 50,000 lines
showing the oldest events and did not display the latest events if
show log system had
more than 50,000 lines in the system. The logs now display the recent events first.
66002
An issue with the Host Information Profile (HIP) report caused firewalls running
PAN-OS to retain host information even after a GlobalProtect user logged out. In this
case, the same client IP address was assigned to another user due to the HIP match and
the traffic was handled according to the security policy that applied to the previous
user.
65922
Improvements have been made to session management for PA-5000 platform devices.
65909
When configuring an HIP profile to check two drives for disk encryption, evaluation
fails although the HIP report is correct. After the fix, the evaluation succeeds when
configuring the HIP profile to check for two drives.
65866
Using the web interface, you can now configure the option to discard embedded ICMP
error packets in the zone protection profile. Previously, you could only configure this
option using the CLI.
65721
When pushing Wi-Fi settings to Android mobile devices, GlobalProtect did not set
security parameters when an SSID was hidden, and prompted users to authenticate
when the SSID was visible. With this fix, GlobalProtect correctly pushes the Wi-Fi
settings to Android mobile devices.
65302
On the Panorama web interface, filtering security policies to display the policies for a
specific device group displayed shared policies that were not targeted to any device in
that device group. With this fix, the Panorama web interface only shows shared policies
that are targeted to a device in the selected device group.
Issue Identifier Issue Description
(104 páginas)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentários a estes Manuais