Take 195 - Ongoing
List of Resolved Issues and New Features
Note - This Take contains all fixes from all earlier Takes.

ID | Product | Description |
---|---|---|
Take 195 Released on 26 April 2020 | | |
PRJ-8953, | Upgrade Tools | Upgrade from R80.20 to R80.30 may fail with messages related to cmsobfuscationkey. |
PRJ-10629 | Installation | Firmware upgrade for Small Office appliance using SmartProvisioning in Multi-Domain Management environment may fail. |
PRJ-8644, | Security Management | NEW: Performance enhancements while the Management Server is under high load. |
PRJ-8606, | Security Management | NEW: Added ability to search in the Management Server by adding asterisk before any sequence of characters. For more information, refer to sk164873. |
PRJ-9591, | Security Management | Security hardening: The Management Server will block connection requests with a TLS version below 1.2 on port 19009. |
PRJ-8896, | Security Management | When an administrator fails to publish another administrator's session, the session of the other administrator disappears from the Sessions view in SmartConsole. |
PRJ-7887, | Security Management | In some scenarios, when the user modifies a policy rule and creates a section above it in the same session, the log tracker shows that the rule was created instead of modified. |
PRJ-5794, | Security Management | In some scenarios, after the user manually performs "Full Sync", a newly created secondary Domain Server or Domain Log Server is not shown in SmartConsole's Domains view. |
PRJ-678, | Security Management | In some scenarios, Check Point services fail to start and the CPM log shows that there are duplicate session aggregators. |
PRJ-9265, | Security Management | Policy verification may fail after the user does the following steps: configures specific install targets for a policy, publishes them, changes the install targets back to "All Gateways", and tries to install them on a Gateway which is not in the original list of targets. |
PRJ-6704, | Security Management | In a rare scenario, when viewing the Layer History, some revisions not relevant to the selected Layer may be shown. |
PRJ-8394, | Security Management | In a rare scenario, tasks do not appear in the Tasks notifications bar even though they are running. |
PRJ-9261, | Security Management | Upgrade of Multi-Domain Server may fail when the source version is R80.10 and there is no license configured on the target machine. |
PRJ-9668, | Security Management | In a rare scenario, the FWD process on the Security Management may unexpectedly exit during peak hours. |
PRJ-10088, | Security Management | The cpm_solr process may unexpectedly exit and cause one of the following: |
PRJ-9089, | Security Management | In a rare scenario, when an environment has many Gateways (dozens), the FWM daemon may unexpectedly exit when 4 GB of memory is reached. Refer to sk165015. |
PRJ-7819, | Security Management | In some scenarios, SmartView Monitor unexpectedly terminates when the user selects the Specific QoS Rules option in Top QoS Rules. |
PRJ-7768, | Security Management | In rare scenarios, publishing a session fails with the "Action Failed due to an Internal Error" error. Discarding the session in SmartConsole completes as "discarded", but the changes are still there. The same behavior occurs in the Management API: mgmt_cli -r true discard uid <UID> number-of-discarded-changes: 4 message: "OK" |
PRJ-5447, | Security Management | In some scenarios, an unclear error appears when the user imports a global policy on a Multi-Domain Management Server. The error is caused by a mismatch between the leading interface defined on the machine and the one defined in the database. |
PRJ-9299, | Security Management | In a rare scenario, the "SmartDashboard component failed to connect to server <IP address>. Please contact technical support" error is displayed in SmartConsole when opening the Management object for editing. |
PRJ-8230, | Security Management | The "Unused Objects" filter in Object Explorer may display a failure message if there are more than 20000 unused objects. |
PRJ-9322, | Security Management | In some scenarios, a disconnected SmartView Monitor session appears in SmartConsole with a grayed out 'Disconnect' option, which cannot be discarded. Refer to sk165037. |
PRJ-9171, | Multi-Domain Management | NEW: Performance improvement for Multi-Domain environments in which many administrators are connected. |
PRJ-9236, | Multi-Domain Management | NEW: Performance enhancements for the delete Domain operation. |
PRJ-10746, | Multi-Domain Management | In some scenarios, policy installation from the Domain Management Server fails after an mds_backup procedure that was interrupted. Refer to sk165559. |
PRJ-10530, | Multi-Domain Management | The mds_import.sh script may fail if the IPS version for a Domain/CMA does not exist on the R80.x Multi-Domain Management Server. |
PRJ-11176, | Multi-Domain Management | In some scenarios, Full synchronization fails in the Global Domain with "Full sync with peer '[Peer Name]' NGM failed to import data" error. Refer to sk145972. |
PRJ-10363, | Multi-Domain Management | After performing Full synchronization or failover of the Global Domain, the following operations may fail (refer to sk145972): |
PRJ-11166, | Multi-Domain Management | In a rare scenario, synchronization between Multi-Domain Management Servers breaks after a revisions purge operation. |
PRJ-2630 | Multi-Domain Management | In a Multi-Domain Management environment with more than 50 Domains, some Domains are not displayed in the SmartEvent GUI. |
PRJ-9240, | Multi-Domain Management | In some scenarios, a secondary MDS or MLM fails to renew a management certificate. Refer to sk164732. |
PRJ-6985, | Multi-Domain Management | In some scenarios, there may be high Solr CPU on Multi-Domain Management Servers with dozens of Domains. |
PRJ-9698. | Multi-Domain Management | MLM may open a connection to the reversed IP address of the Multi-Domain Server. |
PRJ-10526, | Multi-Domain Management | Upgrade of Multi-Domain Server may fail if Sync With User Center is running. |
PRJ-9281, | SmartConsole | NEW: Enhancement: Two new flags were added for the performance improvement of Threat Protection API commands: 'show-profiles' and 'show-ips-additional-properties'. The default value for both flags is false. |
PRJ-3771, | SmartConsole | In "Top services" view of SmartView Monitor, "cp_tcp_A936..." service is displayed instead of "https" service. Refer to sk146052. |
PRJ-9465, | SmartConsole | In some scenarios, when the user attempts to delete a Gateway / Cluster member, an error message may appear and the operation may not complete successfully. |
PRJ-4063, | SmartConsole | Objects of Unused Access Roles are not visible in the Object Explorer. Refer to sk151896. |
PRJ-9079, | SmartConsole | In some scenarios, the Management Server may unexpectedly exit following authenticated API commands to create or update objects with extremely long comments. |
PRJ-9549, | SmartConsole | When the user invokes the 'show-access-layer' API command, the parent layer may be missing from the output result. |
PRJ-1449, | SmartConsole | In some scenarios, the api.elg log is flooded with the "Returning default standard reply class" message. |
PRJ-10287, | SmartConsole | "An internal error has occurred. (Code: 0x8003001D, Could not access file for write operation)" error is displayed when editing IKE PSK on "External User Profile" objects using Legacy SmartDashboard. Refer to Scenario 2 in sk119973. |
PRJ-7054, | SmartConsole | When performing Backup and Restore, the user may get a misleading message that these operations are supported only for Gaia. |
PRJ-10634, | SmartProvisioning | In some scenarios, after creating a Small Office gateway using LSMCli, some fields in the Gateway object on the SmartProvisioning are not populated. |
PRJ-10139, | SmartProvisioning | Deletion of LSM Robo cluster may cause the FWM process to unexpectedly exit. |
PRJ-8017, | SmartView | SmartView may show wrong time in tables and graphs for clients located in Brazil. |
PRJ-8134, | SmartView | "The process <process-name> which is monitored by watchdog restarted more than once in the last half an hour" error may appear in the SmartEvent GUI status window even though the process has been up for more than 30 minutes. |
PRJ-7922, | SmartView | In the Logs page of the SmartView web application, the "File Name" filter may appear twice in the quick filters pane. |
PRJ-7724, | SmartView | In SmartView, when filtering a view using special characters in the search bar and exporting to Excel, the file may be generated empty. |
PRJ-10373, | SmartView | In some scenarios, after the user imports a view/report in SmartView, the imported view/report is not shown in the Catalog. |
PRJ-4329, | SmartEvent | In some scenarios, automatic reactions in SmartEvent are sent with the "Destination address" field containing the resolved country name instead of the raw IP value. Refer to sk146992. |
PRJ-7497, | SmartEvent | When using SmartEvent automatic reactions, *.MHT files in $RTDIR/tmp directory are not cleaned up in case of email sending failure. |
PRJ-10467, | Security Gateway | In a rare scenario, after upgrading a Security Gateway to R80.30, the LOG_INDEXER process running on the Log server may consume 100% CPU and cause an indexing backlog. |
PRJ-9443, | Security Gateway | Added logs for packets that include invalid TCP options. This feature is disabled by default. |
PRJ-9558, | Security Gateway | In a rare scenario, fast accel configuration may be deleted after an upgrade from R80.20 |
PRJ-10028, | Security Gateway | In a rare scenario, when the web server is defined, policy installation fails with "Error code 0-20000111". |
PRJ-9688, | Security Gateway | Traffic may be dropped on DAIP gateway after the gateway IP address is changed or the gateway is rebooted. Refer to sk165176. |
PRJ-8751, | Security Gateway | In some scenarios, an incorrect number of outbound interfaces may be received when SecureXL is disabled. |
PRJ-10202, | Security Gateway | ICAP Client may not work properly when Threat Extraction blade is enabled. |
PRJ-10279, | Anti-Malware | NEW: Added support to allow Threat Extraction to scan a file download in additional scenarios. |
PRJ-10960, | SSL Inspection | In a rare scenario, a memory leak may appear when SSL inspection is enabled. |
PRJ-7996, | HTTPS Inspection | WSDNSD memory leak may appear when updatable objects are configured in the policy. Refer to sk165616. |
PRJ-9405, | HTTPS Inspection | In some scenarios, the wrong certificate is shown by HTTPS Inspection for some websites, including certificates issued by "CloudFlare Inc ECC CA-2". Refer to sk118392. |
PRJ-11092, | IPS | In some scenarios, a '+' (plus sign) in an HTTP URL may be replaced with ' ' (space) when the "Forensics" feature is turned on in Threat Prevention. |
PRJ-9539, | Identity Awareness | Policy installation process has been improved. |
PRJ-10759, | Identity Awareness | In some scenarios, multiple "idapi_load_data_impl: session id <Session ID> not found in client_db, although ip <Session IP> was assigned to it" errors appear in /var/log/messages file. Refer to sk167174. |
PRJ-7673, | Threat Prevention | Improvements in HTTP chunked encoding inspection. |
PRJ-7640, | Threat Prevention | Improved enforcement of Threat Prevention blades in partial HTTP responses. |
PRJ-5790, | Threat Extraction | Link to the original file in Threat Extraction may not function properly (in cleaned files only). |
PRJ-2281, | Logging | NEW: Added CloudGuard SaaS Security Checkup that presents a summary of security activity and findings in your SaaS applications. This report allows reviewing phishing emails, malicious files and URLs, data loss incidents, Shadow IT detections and potentially compromised accounts. |
PRJ-7925, | Logging | Following changes in correlation unit settings, new logs may not be read by SmartEvent until the log_indexer process is restarted. |
PRJ-5574, | Logging | When a Log Server is configured to parse Syslog messages, the field "User" may be truncated in the parsed log in the Log Details view if the field contains underscore. |
PRJ-6023, | Logging | When restarting the FWD process on the Log server, the syslogd process (syslog daemon) may unexpectedly exit. |
PRJ-4448, | Logging | In SmartView, drilling down from the timeline widget to logs may show fewer logs than expected. |
PRJ-5650, | Logging | In some scenarios, when the user creates a table widget in SmartView, there is no option to add the "hostname" field. Refer to sk162752. |
PRJ-8682, | Logging | In some scenarios, Threat Emulation Logs cannot be viewed in the logging or reporting views because of a certain format of the "file size" field sent from the Security Gateway. |
PRJ-8496, | Logging | In SmartView, when the user exports logs to CSV using the "visible columns" option, the following fields may be missing from the CSV file: Resource, Application Risk, Application Name, and Application Category. |
PRJ-5900, | Logging | It is not possible to query the "file_name" field on a Log server that does not have SmartEvent activated. |
PRJ-434, | Logging | In SmartEvent, when the user customizes an event to accumulate logs by the field UUID, logs with UUID equal to 0 may not be correlated. |
PRJ-4982, | Logging | In SmartView, the percentage values in pie charts may add up to 99% or 101%. |
PRJ-9971, | Logging | In a Multi-Domain environment, one or more CMA's SMARTLOG_SERVER processes may fail to start after upgrade. Refer to sk165262. |
PRJ-8761, | SecureXL | NEW: Improved performance for multicast traffic after all listeners have been removed for an existing connection. |
PRJ-10399, | SecureXL | In some scenarios, asymmetric traffic is dropped on Security gateway with several Bridge interfaces. Refer to sk114976. |
PRJ-8915, | SecureXL | In some scenarios, multicast packets arrive to the Security gateway in order, but leave out-of-order. |
PRJ-8979, | SecureXL | When PIM-SM multicast routing transitions from RPT to SPT, packets may be dropped or become out-of-order. |
PRJ-8982, | SecureXL | When NAT-T packets pass through a Security gateway, this traffic may be dropped. |
PRJ-10186, | SecureXL | In some scenarios, a general traffic latency is observed on the Security Gateway. Refer to sk165652. |
PRJ-9326, | SecureXL | In some scenarios, SNMP queries for SecureXL OIDs return incorrect values. |
PRJ-5029, | SecureXL | In a rare scenario, Security gateway may crash under heavy load. |
PRJ-2485 | Routing | PBR may not work for port or protocol used separately in a PBR rule. |
PRJ-9074, | Routing | In some scenarios, a corrupted BGP AS4_PATH attribute value may result in an invalid, long BGP update that is rejected by the BGP peer. Refer to sk167157. |
PRJ-7490, | Routing | In some scenarios, the CLISH command for PBR results in an error. |
PRJ-5002, | VSX | Resource Monitor Control may cause segmentation fault when there are more than 64 CPUs. Refer to sk125112. |
PRJ-9994, | VSX | In some scenarios, traffic may be forwarded on bridge interface when a member is down. |
PRJ-10541, | VSX | In the menu of 'vsx_util vsls' #1 (Display current VS Load sharing configuration), the table shows cut names of VSs (original names are longer). |
PRJ-10556, | VPN | Improved the VPN Site-to-Site tunnel establishment scenario with IKEv2. |
PRJ-7014, | VPN | Added L2TP Remote Access client connectivity improvements. Refer to Scenario 2 in sk145895. |
PRJ-6118, | VPN | In some scenarios, NAT-D traffic goes out from the first external interface. |
PRJ-11035, | VPN | In some scenarios, VPN traffic distribution change may cause high CPU consumption on one CPU core. Refer to sk165853. |
PRJ-5763, | VPN | In some scenarios, accelerated VPN tunnels routed over PPPoE interface may cause drop of encrypted traffic of some connections. Refer to sk148872. |
PRJ-30753, | VPN | In some scenarios, when NAT is enabled, Route Based VPN traffic may be dropped. |
PRJ-2216, | VoIP | In some scenarios, VoIP calls are dropped with "SIP Re-Invites exceeded the limit" reject reason. Refer to sk145412. |
PRJ-7822, | Gaia OS | NEW: Added the /proc/sys/net/bridge/bpdu_forwarding flag to block BPDU packets per bridge setup on Gaia 3.10. |
PRJ-10803, | Gaia OS | CVE-2020-8597: pppd is vulnerable to buffer overflow. Refer to sk165875. |
PRJ-5186, | Endpoint Security | The log description of the "Media Encryption & Port Protection" blade may state that the "Media Storage" is encrypted even though it is not. The details in the log show the correct value. Refer to sk162812. |
- | SMB | NEW: R80.30 Jumbo Hotfix Accumulator Take 195 supports the new SMB 1500 appliances LSM. |
PRJ-10119, | Compliance | In some scenarios, database import on a single Domain machine where the Compliance blade is activated fails, and as a result, the FWM process unexpectedly exits after the import. |