TMS zl Module Release Notes ST.1.2.100916
Table Of Contents
- Release Notes: Version ST.1.2.100916 Software for the HP ProCurve Threat Management Services zl Module
- Contents
- Software Management
- Download Documentation from the Web
- Software Updates
- Special Considerations Prior to Updating
- Clarifications
- Enhancements
- Enhancements in ST.1.2.100916
- ST.1.1.100430
- ST.1.1.100226
- Command Line Interface (CLI) control of VPN functionality
- RADIUS authentication for management logins
- RADIUS authentication for L2TP users
- Renaming zones
- 256 VLANs now supported, increased from 19 VLANs
- Enhanced sort and filter capabilities for displaying log files
- Improved SNMP Monitoring for network traffic and key system resources
- Software Fixes in Releases ST.1.0.090213 - ST.1.2.100916
- Known Issues
25
Software Fixes in Releases ST.1.0.090213 - ST.1.2.100916
Release ST.1.0.090603
■ PR_38564 — The log message with the message ID of 648 is marked as critical should not be.
time="2009-04-01 11:41:59" severity=critical pri=1
fw=ProCurve-TMS-zl-Module id=fw_l2l3_attack msg="ICMP:Error message
not allowed by firewall" srczone=INTERNAL src=192.168.0.1
dstzone=EXTERNAL dst=192.168.1.56 proto=ICMP icmptype=3 subf-
amid=icmppacketanomaly mtype=attack mid=648 icmpcode=1
The severity has been changed to warning and the priority attribute has been changed from 1 to 4.
■ PR_39231 — Log message with message ID 643 is marked as critical but is not critical.
time="2009-04-15 09:25:53" severity=critical pri=1
fw=ProCurve-TMS-zl-Module id=fw_l2l3_attack msg="ICMP: packet with
invalid sequence number appeared, packets dropped" srczone=INTERNAL
src=192.168.80.1 dstzone=INTERNAL dst=192.168.80.5 proto=ICMP icmp-
type=0 subfamid=icmppacketanomaly mtype=attack mid=643 icmpcode=0
■ PR_39235 — Log messages for message IDs of 655, 653, 612, 601,1356, 608, and 642 are
marked as critical are not critical
time="2009-04-15 10:18:02" severity=critical pri=1
fw=ProCurve-TMS-zl-Module id=fw_l2l3_attack msg="IPROUTE: source ip
address is set to be broadcast ip, packets dropped" srczone=INTERNAL
src=255.0.0.0 srcport=0 dstzone=INTERNAL dst=192.168.80.1 dstport=0
proto=235 subfamid=routeanomaly mtype=attack mid=655
time="2009-04-15 10:20:22" severity=critical pri=1
fw=ProCurve-TMS-zl-Module id=fw_l2l3_attack msg="FW: no protocol
option set in packet header, packets dropped" srczone=INTERNAL
src=192.0.80.5 dstzone=UNKNOWN_ZONE dst=192.168.80.1 proto=ICMP
subfamid=packetheaderanomaly mtype=attack duplicatecount=500
mid=612
time="2009-04-15 10:19:55" severity=critical pri=1
fw=ProCurve-TMS-zl-Module id=fw_l2l3_attack msg="FW: packet
checksum check failed, packets dropped" srczone=UNKNOWN_ZONE
src=192.0.80.5 srcport=0 dstzone=UNKNOWN_ZONE dst=192.168.80.1
dstport=0 proto=244 subfamid=checksumanomaly mtype=attack mid=601
time="2009-04-15 10:17:15" severity=critical pri=1
fw=ProCurve-TMS-zl-Module id=fw_l2l3_attack msg="IP fragment data-
length is not in units of 8 octets" srczone=UNKNOWN_ZONE src=0.0.0.0
srcport=0 dstzone=UNKNOWN_ZONE dst=0.0.0.0 dstport=0 proto=0 subf-
amid=intergritycheck mtype=attack mid=1356