Take 183 - General Availability

List of Resolved Issues and New Features

Note - This Take contains all fixes from all earlier Takes.

ID	Product	Description
Take 183 Released on 3 September 2020 and declared as General Availability on 11 October 2020
PRJ-14373, PMTR-36116	Diagnostics	Missing information in total throughput/inbound/outbound packets in CPView history's Network view.
PRJ-13960, PMTR-55974	Security Management	NEW: Added the ability to purge revisions automatically based on user configuration. Refer to Automatic Purge Documentation.
PRJ-14643, PRHF-11983	Security Management	NEW: Solr server process is restarted automatically if it is not responsive for a long time.
-	Security Management	Policy installation from Multi-Domain or Security Management server to R77.30 Security Gateway fails when using R80.20 Management with Jumbo Hotfix Take 173. Refer to sk169259.
PRJ-12373, PRHF-10550	Security Management	Policy Presets may disappear from view after the user runs the Solr Cure utility. Refer to sk167455.
PRJ-14295, PRHF-11704	Security Management	In rare scenarios, High Availability sync fails with "Ngm failed to import data" error after the user deletes a Permission Role.
PRJ-13917, MCFG-242	Security Management	In some scenarios, exporting the Security Management Server in order to migrate it to Domain in Multi-Domain Environment, fails.
PRJ-13461, PMTR-54975	Security Management	In rare scenarios, Install Policy Presets are not triggered.
PRJ-15608, PMTR-57447	Multi-Domain Management	NEW: Added ability to run Management REST API on a Multi-Domain Log Server.
PRJ-15414, PRJ-13920	Multi-Domain Management	In Multi-Domain environments with High Availability, if the Management Server is stopped while there's a Purge Revisions operations in progress, the server may fail to start again. Refer to sk168175.
PRJ-15457, PRHF-6093	Multi-Domain Management	Policy Installation may fail due to an internal error in an MDS environment where there is a Global Dynamic object usage inside Networks Groups with a depth that is higher than 2-level (group inside a group).
PRJ-14759, PRHF-12085	Multi-Domain Management	In some scenarios, migrating a Domain between different Multi-Domain Management servers fails if a previous migration of the same Domain failed.
PRJ-14453, PRHF-11940	Multi-Domain Management	Policies may disappear from the Global Domain Assignments view after running the Solr Cure utility. Refer to sk168060.
PRJ-15370, PMTR-57065	SmartConsole	The user may not be able to delete objects that are referenced by a previously deleted policy. Refer to sk122954.
PRJ-14174, PMTR-32568	SmartConsole	In some scenarios, a validation warning may appear on an updatable object with the following message: "Object is no longer supported. Enforcing security for this object is not possible." However, the object is still available in the updatable objects picker.
PRJ-13898, PRHF-11537	SmartConsole	Audit log is not shown in SmartConsole's Logs & Monitor View for the login action through API when the "-r" flag is set to true (login as root).
PRJ-14292, PMTR-53220	SmartConsole	If there are thousands (or more) of unused objects, the "show unused-objects" API command and the Unused Objects view may load and work very slowly. Also, the load on the Management server will increase, causing general slowness when working with SmartConsole.
PRJ-12703, PRHF-10295	SmartView	The SmartView Timeline may be distorted when logs contain an empty value for the field specified in the "Series" settings and when the Legend is enabled. Refer to sk167095.
PRJ-14360, PMTR-54723	SmartView	In SmartView, the icon is missing from the cover page of Compliance and Content Awareness PDF reports.
PRJ-14530, PMTR-55130	SmartView	In some scenarios, when attempting to download a DLP attachment from the log card in SmartView, the download does not start.
PRJ-12091, PMTR-52324	Logging	NEW: Added Management API command "show logs" to query logs. Added Management API command "get attachment" to fetch attachments from logs by log ID and attachment ID.
PRJ-13560, PMTR-53242	Logging	In rare scenarios, the evstop script does not stop all logging processes. As a result, upgrade procedures may hang and show no progress.
PRJ-14047, PRHF-11502	Logging	In some scenarios, the command "cp_log_export status" prints "last log read at: N/A" rather then a timestamp.
PRJ-14367, PRHF-10818	Security Gateway	UPDATE: Reduced CPU usage in some configurations by parsing TLS traffic only when required by the policy. Refer to sk166700 for more information.
PRJ-14630, PRHF-12058	Security Gateway	In rare scenarios, Security Gateway memory consumption may increase.
PRJ-9847, PRHF-7150	Security Gateway	In some scenarios, SCCP traffic may be dropped by the Security Gateway. Refer to sk108124.
PRJ-12945, PRHF-10972	Security Gateway	After policy installation, the output of the "cphaprob stat" command may show 'HA module not started' when a large number of non-monitored Cluster interfaces are configured in SmartConsole. This fix adds support for multiple non-monitored interfaces in SmartConsole.
PRJ-14214, PMTR-56300	Security Gateway	In a rare scenario, the Security gateway may crash if the rulebase contains a logical server object.
PRJ-13379, PMTR-54897	Security Gateway	In some scenarios, Security gateway generates an ICMP error with wrong IP address. Refer to sk167953.
PRJ-15686, PRHF-12067	HTTPS Inspection	In some scenarios, web traffic may be blocked with "Content Awareness - Error: Internal system error (1000)" error log.
PRJ-7758, PMTR-40495	SSL Inspection	DynamicID authentication may fail due to server certificate validation failure. Refer to sk167177.
PRJ-16487, PMTR-57645	IPS	In some scenarios, invalid characters are sent to gw-stat report.
PRJ-12563, IDA-2983	Identity Awareness	PDP process may consume high CPU during policy installation because of a large amount of Access Roles.
PRJ-13513, PMTR-55246	Identity Awareness	In some scenarios, a XFF allowed proxy list is enforced only for instance 0 in VSLS environment after VS has transitioned from Backup to Active.
PRJ-11194, PRHF-9801	ClusterXL	In some scenarios, "fw ctl affinity" and "sim affinity" commands show wrong IRQ numbers. Refer to sk166356.
PRJ-14609, PRHF-7700	SecureXL	UPDATE: Added a global variable that enables log for packets that include unapproved IP option. This variable is off by default.
PRJ-13412, ACCHA-301	SecureXL	DECnet DIGITAL Network Architecture (Phase IV) traffic may be dropped. Refer to sk167202.
PRJ-14517, PRHF-10860	SecureXL	In a rare scenario, a VSX gateway with Virtual Switch may crash.
PRJ-13760, PMTR-55537	SecureXL	Security Gateway may crash when concurrent connection rules exist in the DOS/Rate limiting policy and the Application Control Blade is enabled.
PRJ-15899, PRHF-12374	SecureXL	An asymmetric routing issue may occur between a Virtual System and a Virtual Switch/Router.
PRJ-13924, PMTR-54829	Routing	UPDATE: Increased the configuration limits of the BFD timers for detect multiplier, minimum RX interval, and minimum TX interval to 255, 255000, and 255000, respectively.
PRJ-5817, PRHF-6216	Routing	BGP connection may fail to establish when there are multiple peer groups with the same AS number in iBGP configurations.
PRJ-14432, PMTR-53221	Gaia OS	NEW: Added support for CPAC-4-10-AB cards.
PRJ-14410, PRHF-11683	Gaia OS	In some scenarios, the snapshot creation fails because of compression errors.
PRJ-13153	Gaia OS	In some scenarios, a snapshot creation may fail.
PRJ-10799	Gaia OS	In some scenarios, due to backup compression errors, restoring a backup does not restore all files.
PRJ-15989, PRJ-15983	VPN	Starting from R80.20 Jumbo Hotfix Take 156, clients that do not support MFA (such as Mac OS and iOS) cannot connect as Remote Access clients if MFA is enabled. Refer to sk168493.
PRJ-14404, PMTR-54728	VPN	Connectivity improvements for Remote Access VPN with L2TP.
PRJ-15328, VPNRA-379	VPN	In some scenarios, Remote Access VPN traffic may be dropped when XFF is enabled.
PRJ-14573, PMTR-54771	VPN	IP compression may not work in some scenarios when IKEv2 is configured.
PRJ-14241, PRHF-7995	VPN	VPN traffic may be dropped when working with peer behind NAT - Hide NAT with Port Translation.
PRJ-16017, PRHF-12425	CloudGuard IaaS	In some scenarios, CloudGuard Controller may lose connection to GCP projects. Refer to sk168499.
PRJ-12183, VSECC-1293	CloudGuard IaaS	CloudGuard Controller may sometimes update the Standby cluster member in VSLS mode.
PRJ-14149, PRHF-11651	Endpoint Security	In some scenarios, no audit logs are shown regarding object changes in SmartEndpoint virtual groups and FDE pre-boot users. Refer to sk167907.
PRJ-14132, PRHF-7699	Endpoint Security	In some scenarios, the user cannot get an FDE Offline Management File (cpomf) for an offline group in SmartEndpoint if this group or a directory in its path has special characters \ _ %.