BugZero found this defect 1207 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
1/28/2021
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
All
Fireware
12.x
12.6.x
v12.6.4 Update 1
In Fireware 12.6.x, the IPS/Application Control scan engine might sometimes detect all applications as unknown.When this issue occurs, you see logs that include the text "app_id="65535" app_name="unknown" app_cat_id="255" app_cat_name="unknown" app_beh_id="255" app_beh_name="unknown"" and "Failed to allocate IPS/AppID connection entry, pass proto".The impact depends on how you configured Application Control to handle unknown applications. When Application Control is configured to allow all unknown applications, the detection and reporting of applications is missing. When Application Control is configured to deny all unknown applications, the Firebox drops all traffic through the policy.
To prevent policies from dropping all traffic, configure Application Control to allow all unknown applications.Because this issue only appears to occur after several continuous days of operation, you could also configure scheduled reboots to prevent the issue.