Release Notes Threat Management Services zl Module ST.1.2.110909 11-2011

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

101

102

103

104

105

106

107

108

109

110

104

Known Issues

Release ST.1.0.090213

In the output, the Last Signature Download field appears as None even though the signatures

were synchronized.

■ PR_14823/14916 — When using the TMS zl Module CLI, the high-availability command lists

a rebalance option that is not valid for Active/Standby mode. In the web browser interface

for High Availability, a rebalance button is also present.

■ PR_15913 — When using High Availability in Active/Standby mode, if the connection count

is high and the connection rate is high, the transfer of TCP state information between the

Master and Participant may be too large and it doesn't complete. Once the connection rate

or count drops, the state is transferred correctly. However, should a failover from the Master

to the Participant occur at the time when TCP state information cannot be sent, there will

be an additional failover delay as applications re-establish their TCP state with the

Participant (now the Master after the failover).

Monitor Mode Only

■ PR_5928 — When in Monitor Mode, a scan of the open ports will reveal TCP port 616 and

TCP port 9999 as being open. The only way to block these ports is to setup a firewall access

policy to restrict them.

■ PR_7533 — If the TMS zl Module is in monitor mode, the IDS logs incorrectly show zones

Internal and Zone6 in the logs for data and management. These zone references are not correct

and should be ignored.

■ PR_11929 — When in monitor mode and using the TMS zl Module CLI, if you add an

management IP address, the CIDR format of IP-Address/mask is not accepted and you must

enter the IP address and Subnet Mask as separate values.

■ PR_14582 — In monitor mode, the CLI command ips help does not reflect the commands

that are actually available in monitor mode as opposed to routing mode.

■ PR_15837 — In monitor mode, the management VLAN can be deleted from the switch. In

routing Mode, the user is prevented from making this change on the switch.

Example:

Preconditions: monitor mode, management VLAN and management IP address have been set. In

this example, the management VLAN is 30.

Delete the management VLAN from the switch CLI.

HP Switch (tms-module-D:config)# no vlan 30

An error message should be displayed preventing the deletion of the VLAN due to its use by the

TMS zl Module. A user is not prevented from performing this action and the VLAN is deleted. As

a result, the web browser interface of the TMS zl Module can't be accessed because the

management VLAN has been deleted