Resolved Issues

R23-1 PHF3.2.0

Category

Reference ID

Also in

Description

Backup and Restore

TOS-83443

R24-1 PRC1.0.0

 Unexpected behavior, such as high CPU usage, slow response time, and incorrect violation calculations, occurs after restoring from backup. Note that after upgrading to this hotfix, you must make a new backup.

R23-1 PHF3.1.0

Category

Reference ID

Also in

Description

Security

TOS-81560

R22-2 PHF4.1.0

R23-2 PHF1.0.0

Resolved an issue where one of the TOS internal APIs could be accessed without authentication, something that could cause information disclosure

R23-1 PHF3.0.0

Category

Reference ID

Also in

Description

Configuration

 TOS-79147

R23-2 PGA.0.0

R23-2 PFH1.0.0

R24-1 PRC1.0.0

 Resolved an issue in which the JAVA_TOOL_OPTIONS string length exceeded the maximum limit after upgrading. (SR125582)

Designer

TOS-76902

 

Resolved an issue in which Designer fails with a timeout message. (SR115750)

Designer

TOS-77095

 

For Check Point CMA devices, resolved an issue in which it was impossible to edit the position of a rule in Designer results. (SR121290)

Designer

TOS-79976

R23-2 PHF1.0.0

For Cisco ASA devices, resolved an issue in which Designer suggested creating an empty group when an access request contained two different access control lists for the same device. (SR115409)

Device Monitoring

TOS-75721

R23-2 PGA.0.0

R24-1 PRC1.0.0

For Cisco FMC devices, resolved an issue in associate High Availability FTDs with policies when the version of the FMC was 7.2 and above. (SR117139)

Device Monitoring

TOS-76502

R23-2 PGA.0.0

For Cisco FMC devices, resolved an issue in which revision retrieval failed when the IPv6 static route contained "none" as an interface. (SR122103)

Device Monitoring

TOS-76514

 

For Cisco FMC devices, resolved an issue in associate High Availability FTDs with policies when the version of the FMC was 7.2 and above. (SR114820)

Device Monitoring

TOS-77129

R23-2 PGA.0.0

For Fortinet FMG devices, resolved an issue when prehandling syslog messages caused an out-of-memory scenario. (SR123385)

Device Monitoring

TOS-77703

R23-2 PGA.0.0

R24-1 PRC1.0.0

For Fortinet FMG devices with SDWAN and version 7 and later, resolved an issue in which revision retrieval failed for Fortigate devices with a version of 6.4 or earlier. Note that there was no issue with ADOMS and FMG. (SR121845)

Device Monitoring

TOS-78133

 

For Checkpoint SMC/CMA devices, resolved an issue in which the configuration log displayed errors due to a failure to parse CPTag/CPDomain. (SR122539)

Device Monitoring

TOS-78288

R23-2 PHF1.0.0

R24-1 PRC1.0.0

For Fortigate devices, fixed an inconsistency for revision interfaces; unconfigured interfaces will have an empty IP field now instead of 0.0.0.0/0. (SR120974)

Device Monitoring

TOS-79037

R23-2 PHF1.0.0

For Cisco FMC devices, resolved an issue in which extended CIDR masks were not supported. (SR124254)

Device Monitoring

TOS-79429

R23-2 PHF1.0.0

Resolved an issue in which rule indexing took longer than expected due to duplicate paths. (SR99817)

Device Monitoring

TOS-80487

R23-2 PHF1.0.0

Resolved an issue in which revision retrieval failed when the process ended before completion. (SR124698)

Resources

TOS-75125

R23-2 PGA.0.0

R24-1 PRC1.0.0

Resolved an issue in which indexing SecureApp server applications caused an out-of-memory scenario. (SR116838)

Risk Analysis

TOS-75872

R23-2 PGA.0.0

Resolved an issue in which Risk Analysis failed when the first or last name of the admin user contained a letter with an umlaut. (SR119730)

Rule Recertification

TOS-79512

R24-1 PRC1.0.0

Resolved an issue in which the Backwards Compatibility API that edits rule documentation overwrote the rule certification status. (SR120593)

Topology

TOS-75871

R23-1 PGA.0.0

Resolved an issue in which devices with incorrect interfaces prevented the interactive map from loading.

Topology

TOS-76675

R23-2 PGA.0.0

For FortiManager devices, resolved an issue related to Central NAT calculations that caused topology jobs to fail. (SR122858)

Topology

TOS-77872

R23-2 PGA.0.0

Resolved an issue in which the device log collection for APGs defaulted to One month when a specific date was entered. (SR122882)

Topology

TOS-78313

 

Resolved an issue in which an incorrect calculation for SDWAN caused blocked traffic in the Interactive map. (SR121132)

Topology

TOS-78371

R23-2 PGA.0.0

R24-1 PRC1

For Check Point devices, resolved an issue preventing automatically created rules with Hide NAT from appearing in the Interactive Map. (SR127545)

Topology

TOS-78639

R23-2 PHF1.0.0

Resolved an issue in which traffic was incorrect after an SRX NAT simulation with an Cisco ACI device in the path. (SR122770)

Topology

TOS-79103

R23-2 PHF1.0.0

Resolved an issue in which the path calculation failed when the next hop was a cloud with an MPLS interface leading to it. (SR125046)

Topology

TOS-79880

R23-2 PHF1.0.0

Resolved an issue in which the Interactive map failed to show default BGP routes. (SR124258)

Verifier

TOS-76139

 

Resolved an issue in which Verifier and impact analysis in Server Decommission tickets failed when there was a network object without an IP address. (SR119984)

Verifier

TOS-79978

R23-2 PHF1.0.0

R24-1 PRC1.0.0

Resolved an issue in which Verifier does not support ICMP 0 service. (SR126758)

R23-1 PHF2.1.0

Category

Reference ID

Also in

Description

Upgrades

TOS-77990

TOS-77880

Resolved an issue in which the last modified date in the Rule Viewer was lost when upgrading TOS, for some Stonesoft, Check Point and Fortinet devices.

R23-1 PHF2.0.0

Category

Reference ID

Also in

Description

APG

TOS-72726

R23-2 PRC1.0.0

For Fortigate devices, resolved an issue impacting the performance of loading the device to an APG job. (SR116961)

Authentication

TOS-74363

R23-2 PRC1.0.0

Resolved a user interface issue impacting some users who were logging into SecureChange via TOS SSO. (SR116196)

Database

TOS-74931

R23-2 PGA.0.0

Resolved an issue causing the database growing abnormally large due to a problematic report. (SR116563)

Designer

TOS-71975

 

Resolved an issue causing Designer to suggest creating a new SecureApp group as the source when a matching group already exists. (SR114129)

Designer

TOS-72332

R23-2 PRC1.0.0

Resolved an issue in which provisioning failed after modifying data in Designer. (SR115493, SR116420)

Designer

TOS-73306

R23-2 PRC1.0.0

For FortiManager devices with a central NAT, resolved an issue preventing Designer from returning suggestions. (SR117273)

Designer

TOS-74763

 

For Cisco ASA devices, resolved an issue in which Designer suggested using a group before creating the group. (SR115409)
Device Monitoring TOS-55199 R23-2 PRC1.0.0 For Cisco ASA devices, resolved an issue when editing existing device in which the Login check box in Stage 2 was enabled automatically. (SR120892)

Device Monitoring

TOS-76172

R23-2 PGA.0.0

For monitored FortiManager devices, whose VDOMs had no rules, resolved an issue in which sync service did not get a report and therefore failed migration. (SR121834)
Device Monitoring TOS-72151 R23-2 PRC1.0.0 For Panorama devices, resolved an issue in which these devices could not be added if the string "port" appeared in the user name. (SR116014)

Device Monitoring

TOS-73080

R23-2 PRC1.0.0

Resolved an issue preventing hits on a policy from being shown when the policy name contained a semicolon and space characters. (SR115999)

Device Monitoring

TOS-73617

R23-2 PRC1.0.0

For Cisco ASA devices, resolved an issue in which a rule usage failure occurred when the device IP was parsed incorrectly. (SR117409)

Device Monitoring

TOS-73756

 

For GCP devices, resolved an issue in which a virtual machine with a Null description caused the client to return an error. (SR118290)

Device Monitoring

TOS-75119

R23-2 PGA.0.0

R24-1 PRC1.0.0

For NSX devices, resolved an issue preventing revisions from being retrieved. (SR114423, SR119628)

Device Monitoring

TOS-76407

R23-2 PGA.0.0

R24-1 PGA.0.0

R23-1 PHF3.0.0

For specific FortiManager devices, resolved an issue in which missing revision information caused an error during migration. (SR121834)

Installation/Upgrade

TOS-72135

 

Resolved an issue preventing migrations from TOS Classic to TOS Aurora (SR116793)

Device Monitoring

TOS-74642

R23-2 PRC1.0.0

For F5 Devices, resolved an issue preventing revisions from being retrieved due to a missing predefined port. (SR119524)

Installation/Upgrade

TOS-72135

 

Resolved an issue preventing migrations from TOS Classic to TOS Aurora (SR116793)

Notifications

TOS-74362

R23-2 PRC1.0.0

Resolved an issue preventing TOS from sending smtp alerts when the mail server was configured with authentication. (SR116213)

Reports

TOS-75352

 

Resolved an issue in which a race condition caused an incorrect calculation in reports. (SR116563)

Reports (Rule and Objects Usage)

TOS-73470

R23-2 PRC1.0.0

Resolved an issue preventing policies from appearing in the suggestions list of the Rule and Object Usage report, when creating new report, because at least one of the policy names contained an '&' character. (SR117050)

Rule Decommission

TOS-75112

R23-2 PGA.0.0

R24-1 PRC1.0.0

Resolved an issue preventing a Rule Decommission ticket from being created due to a Turkish character in the user name.
System TOS-72614 R23-2 PRC1.0.0 Resolved an issue in which the re-index of invalid tickets ran at the same time as the indexing process. (SR117850)

System

TOS-73159

R23-2 PRC1.0.0

Resolved an issue in which a syslog-cleaner jobs caused the TOS cluster to use up all resources. (SR118120)

System

TOS-75034

R23-2 PRC1.0.0

Resolved an issue in which the customer could not add a syslog timestamp separator. (SR118909)

Topology

TOS-71377

R23-2 PRC1.0.0

Resolved an issue impacting the performance of Interactive Map syncs. (SR115358)

Topology

TOS-73254

TOS-73595

 

For Cisco ACI devices, resolved an issue in which dynamic topology retrieval could failed when more than 300 static routes were configured on a logical node profile. (SR112123)

USP

TOS-71179

R23-2 PRC1.0.0

Resolved an issue causing a general error when navigating back to the USP viewer page. (SR112314)

Zones

 TOS-72393

R23-2 PRC1.0.0

Resolved an issue in which a data error in a zone message blocked additional messages in the zone channel. (SR116768)

R23-1 PHF1.2.0

R23-1 releases prior to R23-1 PHF1.2.0 are no longer available; however, the issues are listed under their original planned releases.

PHF1.2.0

Category

Reference ID

Also in

Description

Upgrades

REL-764

Resolved an issue in which upgrading from some earlier releases failed.

PHF1.0.0

Tufin Orchestration Suite R23-1 PHF1.0.0 includes these resolved or updated issues, and all resolved or updated issues from earlier versions.

Category

Reference ID

Also in

Description
Device Monitoring TOS-68287   For GCP devices, resolved an issue in which the licensing page warned about an evaluation license after a full license was installed. (SR113948)

Device Monitoring

TOS-69847

R23-2 PRC1.0.0

For Fortinet FortiGate devices, resolved an issue preventing revisions from being received. (SR114807)
Device Monitoring TOS-71156 R23-2 PRC1.0.0 For Check Point devices, resolved an issue in which a rule UID mismatch format on the Check Point side caused no results for st_apg_collect tool. (SR114091)

Device Monitoring

TOS-71341

R23-2 PRC1.0.0

For Check Point devices, resolved an issue in which the SMART console displayed errors on the domain-tools when the Check Point version did not support FQDN objects.

Risk Analysis TOS-63748   For Access Request workflows, resolved an issue causing a SecureTrack Connection error to be returned during risk calculation. (SR106943)

System

TOS-73079

R23-1 PHF2.0.0

R23-2 PRC1.0.0

Resolved an issue in which a TOS CLI error prevented pod readiness monitoring. (SR116781, SR117291, SR117848, SR118297)

Topology

TOS-71694

R23-2 PRC1.0.0

For ACI Tenants, resolved an issue in which routing information did not appear in the Interactive map. (SR112123)

PGA.0.0

Tufin Orchestration Suite R23-1 PGA.0.0 includes these resolved or updated issues, and all resolved or updated issues from earlier versions.

Category

Reference ID

Also in

Description

Change Management

TOS-66572

 

Resolved an issue in which SecureChange's security zone feature didn't work for Access Requests in instances where Source and Destination were the same. (SR112046)

Installation/Upgrade

TOS-67654

 

Resolved an issue in which upgrading from R22-1 PHF3.1.0 to R22-2 PHF2.0.0 failed due to an invalid job name. (SR112907)

Topology

TOS-67651

R23-2 PRC1.0.0

R23-1 PRC1.0.1

On Microsoft Azure devices, resolved an issue in which cloud topology crashed on SecureTrack deployments with Virtual HUB. (SR110777)

Topology

TOS-68974

 

For Cisco Meraki devices, resolved an issue which prevented the interactive map from working. (SR 113352)

PRC1.0.0

Tufin Orchestration Suite R23-1 PRC1.0.0 includes these resolved or updated issues, and all resolved or updated issues from earlier versions.

Category

Reference ID

Also in

Description

Database

TOS-56843

 

Resolved an issue in which a particular column in postgresql exceeded its limit and caused errors in the postgresql logs. (SR103024)
Database TOS-64751   Resolved an issue preventing a SecureTrack script from running properly due to duplicate device records in the database. (SR110287)

Designer

TOS-59283

 

Resolved an issue in which the inner group is not created automatically for a new group. (SR105486)

Provisioning

TOS-63214

 

For Cisco FMC devices, resolved an issue in which creating an Access Request with more than 50 hosts generated a generic error message rather than the correct message. (SR106931)

Workflow

TOS-58391

 

Resolved an issue in which marking the expiration field as non-mandatory triggered email notifications to be sent before the ticket expired. (SR103155)