Take 195 - Ongoing

List of Resolved Issues and New Features

Note - This Take contains all fixes from all earlier Takes.

ID

Product

Description

Take 195

Released on 26 April 2020

PRJ-8953,
MCFG-246

Upgrade Tools

Upgrade from R80.20 to R80.30 may fail with messages related to cmsobfuscationkey.

PRJ-10629

Installation

Firmware upgrade for Small Office appliance using SmartProvisioning in Multi-Domain Management environment may fail.

PRJ-8644,
CPM-2623

Security Management

NEW: Performance enhancements while the Management Server is under high load.

PRJ-8606,
PRJ-8605

Security Management

NEW: Added the ability to search in the Management Server by adding an asterisk before any sequence of characters. For more information, refer to sk164873.

  • Requires R80.30 SmartConsole Build 76 (or higher).

PRJ-9591,
PMTR-38555

Security Management

Security hardening: The Management Server will block connection requests with a TLS version below 1.2 on port 19009.

PRJ-8896,
PMTR-48673

Security Management

When an administrator fails to publish another administrator's session, the session of the other administrator disappears from the Sessions view in SmartConsole.

PRJ-7887,
PMTR-46703

Security Management

In some scenarios, when the user modifies a policy rule and creates a section above it in the same session, the log tracker shows that the rule was created instead of modified.

PRJ-5794,
PMTR-40790

Security Management

In some scenarios, after the user manually performs "Full Sync", a newly created secondary Domain Server or Domain Log Server is not shown in SmartConsole's Domains view.

PRJ-678,
PMTR-36302

Security Management

In some scenarios, Check Point services fail to start and the CPM log shows that there are duplicate session aggregators.

PRJ-9265,
PMTR-49516

Security Management

Policy verification may fail after the user does the following steps: configures specific install targets for a policy, publishes them, changes the install targets back to "All Gateways", and tries to install them on a Gateway which is not in the original list of targets.

PRJ-6704,
PMTR-44004

Security Management

In a rare scenario, when viewing the Layer History, some revisions not relevant to the selected Layer may be shown.

PRJ-8394,
PMTR-45121

Security Management

In a rare scenario, tasks do not appear in the Tasks notifications bar even though they are running.

PRJ-9261,
PMTR-49143

Security Management

Upgrade of Multi-Domain Server may fail when the source version is R80.10 and there is no license configured on the target machine.

PRJ-9668,
PRJ-4734,
PRHF-5341

Security Management

In a rare scenario, the FWD process on the Security Management may unexpectedly exit during peak hours.

PRJ-10088,
PMTR-50276

Security Management

The cpm_solr process may unexpectedly exit and cause one of the following:

  • The upgrade of a Management machine may get stuck at 58%.
  • The Management HA synchronization may fail with the "NGM failed to import data" error.
  • Users may not be able to log in.

PRJ-9089,
PRHF-8266

Security Management

In a rare scenario, when an environment has many Gateways (dozens), the FWM daemon may unexpectedly exit when 4 GB of memory is reached. Refer to sk165015.

PRJ-7819,
PRHF-4644

Security Management

In some scenarios, SmartView Monitor unexpectedly terminates when the user selects the Specific QoS Rules option in Top QoS Rules.

PRJ-7768,
PRHF-7425

Security Management

In rare scenarios, publishing a session fails with the following error: "Action Failed due to an Internal Error".

Discarding the session in SmartConsole completes as "discarded", but the changes are still there.

The same behavior occurs in the Management API:

mgmt_cli -r true discard uid <UID>

number-of-discarded-changes: 4

message: "OK"

PRJ-5447,
PMTR-40663

Security Management

In some scenarios, an unclear error appears when the user imports a global policy on a Multi-Domain Management Server. The error is caused by a mismatch between the leading interface defined on the machine and the one defined in the database.

PRJ-9299,
PRHF-8336

Security Management

In a rare scenario, the "SmartDashboard component failed to connect to server <IP address>. Please contact technical support" error is displayed in SmartConsole when opening the Management object for editing.

PRJ-8230,
PRHF-7728

Security Management

The "Unused Objects" filter in Object Explorer may display a failure message if there are more than 20000 unused objects.

  • A limit was added so that only the first 5000 objects will be displayed.

PRJ-9322,
PRHF-8494

Security Management

In some scenarios, a disconnected SmartView Monitor session appears in SmartConsole with a grayed out 'Disconnect' option, which cannot be discarded. Refer to sk165037.

PRJ-9171,
PMTR-48463

Multi-Domain Management

NEW: Performance improvement for Multi-Domain environments in which many administrators are connected.

PRJ-9236,
PMTR-45644

Multi-Domain Management

NEW: Performance enhancements for the delete Domain operation.

PRJ-10746,
PMTR-50936

Multi-Domain Management

In some scenarios, policy installation from the Domain Management Server fails after an mds_backup procedure that was interrupted. Refer to sk165559.

PRJ-10530,
PRHF-8581

Multi-Domain Management

The mds_import.sh script may fail if the IPS version for a Domain/CMA does not exist on the R80.x Multi-Domain Management Server.

PRJ-11176,
PMTR-51890

Multi-Domain Management

In some scenarios, Full synchronization fails in the Global Domain with "Full sync with peer '[Peer Name]' NGM failed to import data" error. Refer to sk145972.

PRJ-10363,
PMTR-51017

Multi-Domain Management

After performing Full synchronization or failover of the Global Domain, the following operations may fail (refer to sk145972):

  • Global Domain reassignment
  • IPS or Application Control updates in the Global Domain

PRJ-11166,
PMTR-51180

Multi-Domain Management

In a rare scenario, synchronization between Multi-Domain Management Servers breaks after a revisions purge operation.

PRJ-2630

Multi-Domain Management

In a Multi-Domain Management environment with more than 50 Domains, some Domains are not displayed in the SmartEvent GUI.

PRJ-9240,
PRJ-9743,
PRHF-8077

Multi-Domain Management

In some scenarios, a secondary MDS or MLM fails to renew a management certificate. Refer to sk164732.

PRJ-6985,
PMTR-44593

Multi-Domain Management

In some scenarios, there may be high Solr CPU on Multi-Domain Management Servers with dozens of Domains.

PRJ-9698,
PRHF-8593

Multi-Domain Management

MLM may open a connection to the reversed IP address of the Multi-Domain Server.

PRJ-10526,
PRHF-8686

Multi-Domain Management

Upgrade of Multi-Domain Server may fail if Sync With User Center is running.

PRJ-9281,
PMTR-49566

SmartConsole

NEW: Enhancement: Two new flags were added for the performance improvement of Threat Protection API commands: 'show-profiles' and 'show-ips-additional-properties'. The default value for both flags is false.

PRJ-3771,
PRHF-2388

SmartConsole

In the "Top services" view of SmartView Monitor, the "cp_tcp_A936..." service is displayed instead of the "https" service. Refer to sk146052.

PRJ-9465,
PMTR-49817

SmartConsole

In some scenarios, when the user attempts to delete a Gateway / Cluster member, an error message may appear and the operation may not complete successfully.

PRJ-4063,
PRJ-71

SmartConsole

Objects of Unused Access Roles are not visible in the Object Explorer. Refer to sk151896.

PRJ-9079,
API-864

SmartConsole

In some scenarios, the Management Server may unexpectedly exit following authenticated API commands to create or update objects with extremely long comments.

PRJ-9549,
PRJ-9544

SmartConsole

When the user invokes the 'show-access-layer' API command, the parent layer may be missing from the output result.

PRJ-1449,
PRHF-3822

SmartConsole

In some scenarios, the api.elg log is flooded with the "Returning default standard reply class" message.

PRJ-10287,
PRHF-3128

SmartConsole

"An internal error has occurred. (Code: 0x8003001D, Could not access file for write operation)" error is displayed when editing IKE PSK on "External User Profile" objects using Legacy SmartDashboard. Refer to Scenario 2 in sk119973.

PRJ-7054,
PMTR-43349

SmartConsole

When performing Backup and Restore, the user may get a misleading message that these operations are supported only for Gaia.

PRJ-10634,
PRJ-10705,
PRJ-10710,
PMTR-45783

SmartProvisioning

In some scenarios, after creating a Small Office gateway using LSMCli, some fields in the Gateway object in SmartProvisioning are not populated.

PRJ-10139,
PMTR-43309

SmartProvisioning

Deletion of LSM Robo cluster may cause the FWM process to unexpectedly exit.

PRJ-8017,
PMTR-46682

SmartView

SmartView may show wrong time in tables and graphs for clients located in Brazil.

PRJ-8134,
PMTR-45751

SmartView

"The process <process-name> which is monitored by watchdog restarted more than once in the last half an hour" error may appear in the SmartEvent GUI status window even though the process has been up for more than 30 minutes.

PRJ-7922,
PMTR-46737

SmartView

In the Logs page of the SmartView web application, the "File Name" filter may appear twice in the quick filters pane.

PRJ-7724,
PRHF-7326

SmartView

In SmartView, when filtering a view using special characters in the search bar and exporting to Excel, the file may be generated empty.

PRJ-10373,
PRHF-8973

SmartView

In some scenarios, after the user imports a view/report in SmartView, the imported view/report is not shown in the Catalog.

PRJ-4329,
SE-331

SmartEvent

In some scenarios, automatic reactions in SmartEvent are sent with the "Destination address" field containing the resolved country name instead of the raw IP value. Refer to sk146992.

PRJ-7497,
PRHF-7101

SmartEvent

When using SmartEvent automatic reactions, *.MHT files in the $RTDIR/tmp directory are not cleaned up in case of email sending failure.

PRJ-10467,
PMTR-49504

Security Gateway

In a rare scenario, after upgrading a Security Gateway to R80.30, the LOG_INDEXER process running on the Log server may consume 100% CPU and cause an indexing backlog.

PRJ-9443,
PRJ-9444,
PRJ-9416

Security Gateway

Added logs for packets that include invalid TCP options. This feature is disabled by default.

PRJ-9558,
PRJ-9559,
PMTR-48022

Security Gateway

In a rare scenario, fast accel configuration may be deleted after an upgrade from R80.20.

PRJ-10028,
PMTR-50431

Security Gateway

In a rare scenario, when the web server is defined, policy installation fails with "Error code 0-20000111".

PRJ-9688,
PRJ-9689,
PMTR-46451

Security Gateway

Traffic may be dropped on DAIP gateway after the gateway IP address is changed or the gateway is rebooted. Refer to sk165176.

PRJ-8751,
PRJ-8752,
PMTR-46471

Security Gateway

In some scenarios, an incorrect number of outbound interfaces may be received when SecureXL is disabled.

PRJ-10202,
PRJ-10203,
PRHF-9508

Security Gateway

ICAP Client may not work properly when the Threat Extraction Blade is enabled.

  • To enable the fix, set the enable_icap_with_strict_hold parameter to 1

PRJ-10279,
PRJ-10308,
PMTR-50683

Anti-Malware

NEW: Added support to allow Threat Extraction to scan a file download in additional scenarios.

PRJ-10960,
PRJ-10737,
PRHF-9265

SSL Inspection

In a rare scenario, a memory leak may appear when SSL inspection is enabled.

PRJ-7996,
PRJ-7997,
PMTR-46960

HTTPS Inspection

WSDNSD memory leak may appear when updatable objects are configured in the policy. Refer to sk165616.

PRJ-9405,
PRJ-10362,
PMTR-51402

HTTPS Inspection

In some scenarios, the wrong certificate is shown by HTTPS Inspection for some websites, including certificates issued by "CloudFlare Inc ECC CA-2". Refer to sk118392.

PRJ-11092,
PRJ-4418

IPS

In some scenarios, a '+' (plus sign) in an HTTP URL may be replaced with ' ' (space) when the "Forensics" feature is turned on in Threat Prevention.

  • Fix is relevant for Gaia 3.10 only.

PRJ-9539,
PRJ-9540,
PRHF-4033

Identity Awareness

Policy installation process has been improved.

PRJ-10759,
PRJ-10760,
IDA-2866

Identity Awareness

In some scenarios, multiple "idapi_load_data_impl: session id <Session ID> not found in client_db, although ip <Session IP> was assigned to it" errors appear in the /var/log/messages file. Refer to sk167174.

PRJ-7673,
PMTR-45649

Threat Prevention

Improvements in HTTP chunked encoding inspection.

PRJ-7640,
PMTR-45565

Threat Prevention

Improved enforcement of Threat Prevention Blades in partial HTTP responses.

PRJ-5790,
PRJ-10192,
PMTR-43536

Threat Extraction

Link to the original file in Threat Extraction may not function properly (in cleaned files only).

PRJ-2281,
PMTR-38493

Logging

NEW: Added CloudGuard SaaS Security Checkup that presents a summary of security activity and findings in your SaaS applications. This report allows reviewing phishing emails, malicious files and URLs, data loss incidents, Shadow IT detections and potentially compromised accounts.

PRJ-7925,
PMTR-42913

Logging

Following changes in correlation unit settings, new logs may not be read by SmartEvent until the log_indexer process is restarted.

PRJ-5574,
PRHF-6592

Logging

When a Log Server is configured to parse Syslog messages, the field "User" may be truncated in the parsed log in the Log Details view if the field contains an underscore.

PRJ-6023,
PRHF-4951

Logging

When restarting the FWD process on the Log server, the syslogd process (syslog daemon) may unexpectedly exit.

PRJ-4448,
PMTR-39444

Logging

In SmartView, drilling down from the timeline widget to logs may show fewer logs than expected.

PRJ-5650,
PRHF-6080

Logging

In some scenarios, when the user creates a table widget in SmartView, there is no option to add the "hostname" field. Refer to sk162752.

PRJ-8682,
PRHF-7856

Logging

In some scenarios, Threat Emulation Logs cannot be viewed in the logging or reporting views because of a certain format of the "file size" field sent from the Security Gateway.

PRJ-8496,
PRHF-7875

Logging

In SmartView, when the user exports logs to CSV using the "visible columns" option, the following fields may be missing from the CSV file: Resource, Application Risk, Application Name, and Application Category.

PRJ-5900,
PRHF-6120

Logging

It is not possible to query the "file_name" field on a Log server that does not have SmartEvent activated.

PRJ-434,
PRHF-2797

Logging

In SmartEvent, when the user customizes an event to accumulate logs by the field UUID, logs with UUID equal to 0 may not be correlated.

PRJ-4982,
SL-2893

Logging

In SmartView, the percentage values in pie charts may add up to 99% or 101%.

PRJ-9971,
SL-3551

Logging

In a Multi-Domain environment, one or more CMA's SMARTLOG_SERVER processes may fail to start after upgrade. Refer to sk165262.

PRJ-8761,
PRJ-8762,
PMTR-40390

SecureXL

NEW: Improved performance for multicast traffic after all listeners have been removed for an existing connection.

PRJ-10399,
PRJ-4542,
02390699

SecureXL

In some scenarios, asymmetric traffic is dropped on a Security Gateway with several Bridge interfaces. Refer to sk114976.

  • This fix adds a feature to support certain types of asymmetric bridged configurations.

PRJ-8915,
PRJ-8890

SecureXL

In some scenarios, multicast packets arrive at the Security Gateway in order, but leave out-of-order.

PRJ-8979,
PRJ-8980,
PRJ-8977

SecureXL

When PIM-SM multicast routing transitions from RPT to SPT, packets may be dropped or become out-of-order.

PRJ-8982,
PMTR-44150

SecureXL

When NAT-T packets pass through a Security Gateway, this traffic may be dropped.

PRJ-10186,
ACCHA-127

SecureXL

In some scenarios, a general traffic latency is observed on the Security Gateway. Refer to sk165652.

PRJ-9326,
PRJ-10646,
PRJ-2546

SecureXL

In some scenarios, SNMP queries for SecureXL OIDs return incorrect values.

PRJ-5029,
PRJ-10179,
PMTR-39590

SecureXL

In a rare scenario, the Security Gateway may crash under heavy load.

PRJ-2485

Routing

PBR may not work for port or protocol used separately in a PBR rule.

  • Fix is relevant for Gaia 3.10 only.

PRJ-9074,
PRJ-9850,
PRHF-8337

Routing

In some scenarios, a corrupted BGP AS4_PATH attribute value may result in an invalid, long BGP update that is rejected by the BGP peer. Refer to sk167157.

PRJ-7490,
PRJ-8224,
PMTR-39273

Routing

In some scenarios, the CLISH command for PBR results in an error.

PRJ-5002,
PRHF-5471

VSX

Resource Monitor Control may cause segmentation fault when there are more than 64 CPUs. Refer to sk125112.

PRJ-9994,
PMTR-47050

VSX

In some scenarios, traffic may be forwarded on a bridge interface when a member is down.

  • Fix is relevant for Gaia 3.10 only.

PRJ-10541,
PMTR-51263

VSX

In the menu of 'vsx_util vsls' #1 (Display current VS Load sharing configuration), the table shows truncated VS names (the original names are longer).

PRJ-10556,
PRJ-10557,
VPNS2S-938

VPN

Improved the VPN Site-to-Site tunnel establishment scenario with IKEv2.

PRJ-7014,
PRHF-2844

VPN

Added L2TP Remote Access client connectivity improvements. Refer to Scenario 2 in sk145895.

  • Fix is relevant for Gaia 2.6.18 only.

PRJ-6118,
PMTR-44901

VPN

In some scenarios, NAT-D traffic goes out from the first external interface.

PRJ-11035,
PMTR-36437

VPN

In some scenarios, a change in VPN traffic distribution may cause high CPU consumption on one CPU core. Refer to sk165853.

  • Fix is relevant for Gaia 2.6.18 only.

PRJ-5763,
PRJ-6093,
PMTR-43541

VPN

In some scenarios, accelerated VPN tunnels routed over a PPPoE interface may cause encrypted traffic of some connections to be dropped. Refer to sk148872.

PRJ-30753,
PRJ-30754,
PRHF-19484

VPN

In some scenarios, when NAT is enabled, Route Based VPN traffic may be dropped.

PRJ-2216,
PRJ-9931,
PMTR-30347

VoIP

In some scenarios, VoIP calls are dropped with "SIP Re-Invites exceeded the limit" reject reason. Refer to sk145412.

PRJ-7822,
PMTR-44869

Gaia OS

NEW: Added the /proc/sys/net/bridge/bpdu_forwarding flag to block BPDU packets per bridge setup on Gaia 3.10.

PRJ-10803,
PRJ-10804,
PRJ-10810,
PMTR-50836

Gaia OS

CVE-2020-8597: pppd is vulnerable to buffer overflow. Refer to sk165875.

PRJ-5186,
PRHF-5617

Endpoint Security

The log description of the "Media Encryption & Port Protection" Blade may state that the "Media Storage" is encrypted even though it is not. The details in the log show the correct value. Refer to sk162812.

-

SMB

NEW: R80.30 Jumbo Hotfix Accumulator Take 195 supports the new SMB 1500 appliances LSM.

PRJ-10119,
PRJ-9633

Compliance

In some scenarios, database import on single Domain machines where the Compliance Blade is activated fails, and as a result, the FWM process unexpectedly exits after the import.