Strata Cloud Manager
Known Issues
Table of Contents
Expand All
|
Collapse All
Strata Cloud Manager Docs
Known Issues
See the fixes we're working on, or have recently fixed, in Strata Cloud Manager.
Review the issues we're working to fix in Strata Cloud Manager.
These are known issues found in the Strata Cloud Manager
platform. You can also review in-progress fixes for the subscriptions and products
supported for Strata Cloud Manager here:
- NGFW Release Notes (AIOps for NGFW and Cloud Management for NGFW)
- Prisma Access Release Notes
- Prisma SD-WAN Release Notes
- AI-Powered Autonomous DEM Release Notes
Cloud-Delivered Security Services (CDSS) docs:
Configuration Management Known Issues
| ID | Description |
|---|---|
| ADI-47855 | When you attempt to run Push Config operations from
the SASE Private Location wizard, the action fails. Workaround:
Perform the Push Config from Strata Cloud Manager instead of
from the wizard. |
| ADI-47882 | Projects page in Dynamic Privilege Access shows
internal server error in AccessAgentDynamic Privilege AccessProjects, an internal server error appears when you open the
page or click a project to edit it. Workaround: Close to dismiss
the error and continue editing the project. |
| ADI-48273 | Once you commit and push changes, you cannot change the name of the SASE private region. |
| ADI-43690 |
Local configuration management feature is not currently supported
for Device Setup widgets and several other objects. Support for
these will be added in a future update.
|
| ADI-44920 |
The Imported SaaS recommended policy does not appear on the
Security Policy page.
|
| ADI-40767 |
The dampening profile configuration is not available under Device SettingsRoutingProfilesBGP in Strata Cloud Manager.
|
| ADI-40766 | BGP timer profiles configuration is not available under Device SettingsRoutingProfilesBGP. |
| ADI-40765 | Global connection options are not available under Device SettingsRoutingLogical RoutersBGP Peer Group in Strata Cloud Manager. |
| ADI-35760 |
On the AI Access Security Use Case page (InsightsAI Access), changing the application tag for a container
app does not automatically update the tags for its child
apps.
|
| ADI-35546 |
Two discrete applications with the same App-ID are displayed in
the list of Applications (ManageConfigurationNGFW & Prisma AccessObjectsApplicationApplications) and Application Filters (ManageConfigurationNGFW & Prisma AccessObjectsApplicationApplications Filters) if the application is available as part of the
predefined apps provided with your currently installed dataplane
version and delivered from the App-ID Cloud Engine (ACE). The
two discrete App-IDs may have different attributes, such as Tags
and the Risk Score.
For example, ChatGPT is available as a predefined app and is also
delivered from ACE. In this case, you see two entries of ChatGPT
when you view your Applications and Application Filters.
|
|
ADI-29665
|
Dynamic Privilege Access: Do not use special characters in
project names, otherwise Strata Cloud Manager will issue a
"Malformed Request" error message when you try to save the
project configuration.
|
|
ADI-33262
|
On a Prisma Access tenant where Dynamic Privilege Access is
enabled, a Mobile UserAccess Agent configuration push will fail without first
configuring a project in Strata Cloud Manager.
Workaround: Configure at least one project
before you do a push config.
|
| ADI-33776 | When configuring the Dynamic DNS feature in Prisma Access, ensure that the file name for the key file uploaded for Kerberos or TSIG key file is less than or equal to 32 characters. |
| ADI-33914 | Profile hit counts are not incremented in the URL filtering profile in Strata Cloud Manager. |
| ADI-30768 |
Configure Remote Network TunnelProtocol doesn't support Any as the option for proxy-id-
protocol configuration.
|
|
ADI-19128
|
When configuring a Security policy rule (ManageConfigurationNGFW and Prisma AccessSecurity ServicesSecurity Policy), you're able to select address objects created
outside of your scope management configuration (ManageConfigurationNGFW and Prisma AccessAccess ControlScope Management).
|
| ADI-31050 | Proxy zone is not listed in dropdown while creating an interface. Proxy zone is a default zone like local or internet, but in the api response, it doesn't have the interface type/layer values. |
| ADI-30404 | With remote networks internal gateway enabled, when portal authentication profile iss modified from SAML to Local User, the show global-protect-gateway gateway does not show the authentication profile correctly. |
| ADI-30298 | DHCP Relay local config from firewalls does not show conflicts in Strata Cloud Manager for resolved interfaces. |
| ADI-25671 | If you use a signature in an Anti-Spyware policy rule, you are unable to change the Action that Strata Cloud Manager takes when it detects the signature. |
| ADI-22188 | Prisma Access commit opt: Incorrect Prisma Access configuration may not be caught in the Strata Cloud Manager, but fails in firewall and the error is reported back to Strata Cloud Manager post commit. |
| ADI-20068 | ZTNA Connector Microapp on SASE portal for Strata Cloud Manager tenants should not be used by any tenants with 10.2.* AMI version. |
Command Center Known Issues
| ID | Description |
|---|---|
| — |
The Command Center is always updated with the latest
data and metrics, and may not match what is available in
Activity Insights or other
dashboards.
Security subscription counts, action counts, and
metrics provided in the command center bubbles display the
latest data available at the time.
This is due to a few different things:
You may see this data in the following command center
views (including widgets, bubbles, and data flows):
|
| AIOPS-9888 | In the Users tab of Activity Insights, the Monitored Users count does not accurately reflect the total count of actual monitored users. It includes branch user |
| NETVIS-962 | In the views of the command center, public traffic may be classified as Internal Hosts under the Other bubble when security rules are set to Allow All. |
| NETVIS-955 | In the views of the command center, the IoT Devices bubble count does not display the expected count of devices and does not match what is in the (MonitorAssets) dashboard. |
| NETVIS-927 | In the Threats view of the command center, the URL Filtering bubble always shows 0 applications and data transferred when following through to the Monitor dashboard. |
| NETVIS-924 |
The Strata Cloud Manager command center will be
unavailable in the following regions at launch:
|
| NETVIS-892 | In the Data Security view of the command
center, the Sensitive Data Users bubble displays the
total count of discovered users, not just sensitive
users. Work around: Use the SaaS Security
dashboard (CASB > SaaS Security). |
| NETVIS-806 | In the command center views, the IoT Devices count bubble may be 0 if Strata Logging Service Next-Generation Firewall logs do not have IoT attributes. |
| NETVIS-736 | In the Operational Health view of the command center, when following through on Device Health links, time-based filters available in the command center are not available in those pages. |
| NETVIS-479 |
In the Data Security view of the command center,
the Incidents count breakdown by Severity may be
lower than anticipated. Severity is not found in all incidents,
resulting in them being classified as “Low” instead of their
actual severity.
|
Prisma Access Browser Visibility Known Issues
| ID | Description |
|---|---|
|
NETVIS-2040
|
In Activity InsightsApplications, the Rule Name column
refers to Prisma Access firewall rules. It isn't applicable
to Prisma Access Browser Standalone tenants and should not be
visible.
|
| NETVIS-1980 | Some Prisma Access Browser data aren't populated as expected when
the same tenant has been activated with Prisma Access and Prisma Access Browser Standalone. The following pages might not show
the Prisma Access Browser changes:
|
| NETVIS-1908 |
Data usage isn't available in Prisma Access Browser
events, so in Activity InsightsApplications details the data transfer widget is empty for a Prisma Access Browser standalone tenant. However, the same might
have data for Prisma Access Browser add-on in the presence of Prisma Access as long as data is flowing through Prisma Access firewalls.
|
| NETVIS-1905 |
Data usage isn't available in Prisma Access Browser
events, so in Activity InsightsApplications the Data Usage column is
empty for a Prisma Access Browser standalone tenant. However, the
same might have data for Prisma Access Browser add-on in the
presence of Prisma Access as long as data is flowing through
Prisma Access firewalls.
|
| NETVIS-1904 |
Threat information isn't available in Prisma Access Browser events so in Activity InsightsApplicationsdetails, the Total Threats by Threat
Type widget is empty for Prisma Access Browser
standalone tenant. However, the same might have data for Prisma Access Browser add-on in the presence of Prisma Access
as long as data is flowing through Prisma Access
firewalls.
|
| NETVIS-1899, NETVIS-1862 | Left navigation menu items in Strata Cloud Manager that are not relevant to Prisma Access Browser standalone tenants are not hidden in this release. This will be taken care of in future releases. |
| NETVIS-1890 | In Dark Mode the Prisma Access Browser pages display with a light background. |
| NETVIS-1555 | An exported PDF from the Activity InsightsUsersdetails page does not include all the columns from the Prisma Access Browser summary table. This is a general issue on the size limitations of PDF exports. |