Known Issues

This is the list of current active issues seen on the UI when using the features of Xshield.

Dashboard

  • On the Information Center > HUD - Dashboard page, the Network traffic, and the Observed traffic widgets lag by 30 minutes.

Assets

  • On the Assets page, the fly panel of the AWS and Azure cloud-monitored assets displays the Network Access Control Lists (ACL) and Resource ACLs (for AWS assets) and Network Security Groups (NSG) (for Azure assets) in the Vulnerability tab. Read the name of the Vulnerability tab as Security.

  • On the Assets page, the fly panel of the AWS and Azure cloud-monitored assets displays the Probe link to run ColorTokens cross-subnet reachability probes on the assets. The Probe link is not functional because ColorTokens cross-subnet reachability probes cannot be run on cloud-monitored assets.

  • Microsoft uses the 'Capitalize Each Word' format to display 'Regions' in Microsoft Azure. However, for assets added to Xshield from Microsoft Azure, the Region column on the Assets page and the assets' fly panels display the regions in the lower case. Also, multiple words used to denote the Azure Regions are displayed as a single word on the Xshield UI. For example, westcentralus and not West Central US.

  • For some Common Vulnerabilities and Exposures (CVEs), the Xshield UI displays a CVSS score of ‘0’ (Zero). However, the in-built CT Scanner finds and reports the vulnerabilities (related to the CVEs) in the Asset’s fly panel. For example, CVE-2020-1031 and CVE-2020-0886.

  • If you manually uninstall the Microsoft Security Update KB982799 from Windows assets and endpoints, the entry for this Security Update/Hotfix is not deleted from the Xshield agent log file. The expected behavior is that this entry must be deleted if you uninstall the Security Update/Hotfix.

Reports

  • On the front page of the Security Sightings report, sometimes the number of connections by the type of connections does not sum up to the total number of connections.

Xaccess

  • It may take up to 10 minutes to apply the Xaccess Auto-Quarantine policies after a user asset is found vulnerable. The same is true for reverting the access for the asset to its original Xaccess policies.

  • An IdP federation metadata XML can be used to integrate the IdP multiple times with the instance. Although you see multiple entries of the IdP on the Xaccess > Onboard Users page user identities are not duplicated in the instance and there is no other functional impact on Xaccess features.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.