TMS zl Module Release Notes ST.1.2.100916
Table Of Contents
- Release Notes: Version ST.1.2.100916 Software for the HP ProCurve Threat Management Services zl Module
- Contents
- Software Management
- Download Documentation from the Web
- Software Updates
- Special Considerations Prior to Updating
- Clarifications
- Enhancements
- Enhancements in ST.1.2.100916
- ST.1.1.100430
- ST.1.1.100226
- Command Line Interface (CLI) control of VPN functionality
- RADIUS authentication for management logins
- RADIUS authentication for L2TP users
- Renaming zones
- 256 VLANs now supported, increased from 19 VLANs
- Enhanced sort and filter capabilities for displaying log files
- Improved SNMP Monitoring for network traffic and key system resources
- Software Fixes in Releases ST.1.0.090213 - ST.1.2.100916
- Known Issues
80
Known Issues
Release ST.1.0.090603
High Availability (HA)
■ PR_38143 — A better description should be added to the log message when the Participant
leaves the Active-Standby configuration. The current message is as follows:
19:11:44" severity=info pri=6 fw=POSTMR id=hacl_vsrp msg="Detected device
down" proto=VRRP masterid=2 vsrpstate="MASTER" clusterstatus="Disabled"
mgmt_ipaddress="10.10.10.200" vsrpid=4 hastatus="Enabled"
devicerole="MASTER" deviceid=2 subfamid=vsrpsubfamily mtype=vsrp mid=22076
■ PR_38921 — In the High Availability Active-Standby mode, saving and synchronizing in
Internet Explorer 7 from the signature page will result in a Slow Script dialog being displayed.
Example:
Preconditions:
•IE7 browser
•IPS signatures have been downloaded
•HA A/S has been enabled
1. Go to IPS>Signatures>View page and wait until signatures are loaded.
2. Save the configuration and select Yes in the Confirm window. The warning message Stop
running this script? is displayed and the Participant does not synchronize.
As a workaround, synchronize the Participant from another location in the Web Interface.
■ PR_38948 — In an HA environment, should the administrator need to delete the fail-over
connections on a participant, they can only delete up to 200,000 connections at a time and
not the entire connection list (up to 600,000).
Monitor Mode
■ PR_39263 — The following log messages are shown in Monitor Mode and are not applicable
to Monitor Mode: mid=625, mid=626, mid=675, mid=715, mid=1008, and mid=1356.
time="2009-04-15 15:59:01" severity=warning pri=4 fw=ProCurve-TMS-zl-Module
id=fw_l2l3_attack msg="FW: packet with invalid tcp flags found, packets
dropped" srczone=INTERNAL src=192.168.80.5 srcport=48654 dstzone=INTERNAL
dst=192.168.80.1 dstport=22 proto=TCP subfamid=packetheaderanomaly
mtype=attack mid=625
time="2009-04-15 15:59:02" severity=warning pri=5 fw=ProCurve-TMS-zl-Module
id=fw_access_control ruleid=10 msg="FW: packet appears after connection is
closed, packets dropped" srczone=INTERNAL src=192.168.80.5 srcport=48668
dstzone=INTERNAL dst=192.168.80.1 dstport=22 proto=TCP rcvd=0 rcvdsc=0
sent=0 sentsc=0 srcnatport=0 destnatport=0 destnatipaddr=0.0.0.0 subf-
amid=accessdeny mtype=access_control mid=626 srcnatipaddr=0.0.0.0