TippingPoint Intrusion Prevention System TippingPoint Operating System(TOS) v3.9.6 公開のお知らせ：サポート情報 : トレンドマイクロ＠新機能追加と累積修正対応

TippingPoint Intrusion Prevention System TippingPoint Operating System(TOS) v3.9.6 公開のお知らせ：サポート情報 : トレンドマイクロ

TippingPoint Intrusion Prevention System TippingPoint Operating System(TOS) v3.9.6 を以下の通り公開いたしました。
■公開開始日
2019年09月12日(木)
本リリースの対象製品・モデルは以下の通りです。
TippingPoint IPS N シリーズ( 660N / 1400N / 2500N / 5100N / 6100N )
TippingPoint IPS NX シリーズ(2600NX / 5200NX / 6200NX / 7100NX / 7500NX)
※他の TippingPoint 製品・モデルは本リリースの適用対象外です
詳細については Release Notes(英語)をご覧ください
■入手方法
Trend Micro TippingPoint Threat Management Centerからアップグレード用のモジュールやドキュメントをダウンロード
することができます。
※ログインには事前に TMC アカウントの作成が必要です。
サポート情報 : トレンドマイクロ

Release Contents

Description Reference

IPS systems now query the proper IPv4/IPv6 default gateway when setting an IPv6 IP
address on the management port. TIP-33933

The device no longer enters Layer 2 Fallback after modifying or disabling multiple inspection
bypass rules (within 5 seconds of each other) from the SMS client. SEG-48105

An issue causing high memory usage on the device has been addressed. SEG-53671

An issue in which repeated distributions of security profiles containing profile exceptions
caused latency and packet drops has been corrected. SEG-48992

An issue preventing block logs to not be displayed or sent to a SMS has been corrected. SEG-43880

Known issues

Description Reference

Reference Devices configured to connect to an NTP server using the server hostname no
longer connect to the NTP server after a reboot. To avoid this issue, always establish an NTP
server connection using the IPv4/ IPv6 address of the NTP server. 118020

Microsoft Edge or Microsoft Internet Explorer might not connect to the LSM. To resolve this
issue, use the conf t server TLS command to enable TLS v1.0 on the IPS security
device. Be aware that TLS v1.0 is a weak encryption algorithm. Consider using another
supported browser instead. For more information about using the conf t server
command, refer to the IPS Command Line Interface Reference. 117878

Modifying a profile or changing which profile is applied to the ANY-ANY virtual segment of a
device, while that device is unmanaged from SMS, can cause an out-of-sync condition when
the device is remanaged to the SMS. The recovery for the out-of-sync condition is to reboot
the device. To avoid this condition, make changes to the ANY-ANY virtual segment only
through the SMS. 124603

Common CIDRs, such as /56 and /64, cannot be used for IPv6 bypass rules. 124529

http://docs.trendmicro.com/all/tip/ips/v3.9.6/en-us/ips_3.9.6_rn.pdf

Description	Reference
IPS systems now query the proper IPv4/IPv6 default gateway when setting an IPv6 IP address on the management port.	TIP-33933
The device no longer enters Layer 2 Fallback after modifying or disabling multiple inspection bypass rules (within 5 seconds of each other) from the SMS client.	SEG-48105
An issue causing high memory usage on the device has been addressed.	SEG-53671
An issue in which repeated distributions of security profiles containing profile exceptions caused latency and packet drops has been corrected.	SEG-48992
An issue preventing block logs to not be displayed or sent to a SMS has been corrected.	SEG-43880

Description	Reference
Reference Devices configured to connect to an NTP server using the server hostname no longer connect to the NTP server after a reboot. To avoid this issue, always establish an NTP server connection using the IPv4/ IPv6 address of the NTP server.	118020
Microsoft Edge or Microsoft Internet Explorer might not connect to the LSM. To resolve this issue, use the conf t server TLS command to enable TLS v1.0 on the IPS security device. Be aware that TLS v1.0 is a weak encryption algorithm. Consider using another supported browser instead. For more information about using the conf t server command, refer to the IPS Command Line Interface Reference.	117878
Modifying a profile or changing which profile is applied to the ANY-ANY virtual segment of a device, while that device is unmanaged from SMS, can cause an out-of-sync condition when the device is remanaged to the SMS. The recovery for the out-of-sync condition is to reboot the device. To avoid this condition, make changes to the ANY-ANY virtual segment only through the SMS.	124603
Common CIDRs, such as /56 and /64, cannot be used for IPv6 bypass rules.	124529