Cisco Cisco Email Security Appliance C170 Notas de publicación
12
Release Notes for AsyncOS 9.8 for Cisco Email Security Appliances
Installation and Upgrade Notes
Procedure
Use the following instructions to upgrade your Email Security appliance.
Step 1
Save the XML configuration file off the appliance.
Step 2
If you are using the Safelist/Blocklist feature, export the Safelist/Blocklist database off the appliance.
Step 3
Suspend all listeners.
Step 4
Wait for the queue to empty.
Step 5
From the System Administration tab, select the System Upgrade page.
Step 6
Click the Available Upgrades button. The page refreshes with a list of available AsyncOS upgrade
versions.
versions.
Step 7
Click the Begin Upgrade button and your upgrade will begin. Answer the questions as they appear.
Step 8
When the upgrade is complete, click the Reboot Now button to reboot your appliance.
Step 9
Resume all listeners.
What To Do Next
•
After the upgrade, review your SSL configuration to ensure that you have selected the correct GUI
HTTPS, Inbound SMTP, and Outbound SMTP methods to use. Use the System Administration >
SSL Configuration page or the
HTTPS, Inbound SMTP, and Outbound SMTP methods to use. Use the System Administration >
SSL Configuration page or the
sslconfig
command in CLI. For instructions, see the “System
Administration” chapter in the User Guide or the online help.
•
If you are upgrading from a non-FIPS-compliant release, you must enable FIPS mode on your
appliance using the
appliance using the
fipsconfig
command in CLI. For instructions, see the “FIPS Management”
chapter in the User Guide or the online help.
•
If you plan to switch your appliance to FIPS mode, disable TLS v1.0 method for GUI HTTPS,
Inbound SMTP, and Outbound SMTP under System Administration > SSL Configuration. For
instructions, see the “System Administration” chapter in the User Guide or the online help.
Inbound SMTP, and Outbound SMTP under System Administration > SSL Configuration. For
instructions, see the “System Administration” chapter in the User Guide or the online help.
•
To be Common Criteria-compliant, make sure that all the trusted certificate authorities installed
(System and Custom Lists) in your appliance have the CA flag set to TRUE. For instructions, see
“Encrypting Communication with Other MTAs” chapter > “Ensuring That the List of Trusted
Certificate Authorities in Your Appliance are Common Criteria-Compliant” section.
(System and Custom Lists) in your appliance have the CA flag set to TRUE. For instructions, see
“Encrypting Communication with Other MTAs” chapter > “Ensuring That the List of Trusted
Certificate Authorities in Your Appliance are Common Criteria-Compliant” section.
•
Review the following topics:
–
–
–
Pushing Logs to a Remote Server Using SCP May Require Configuration
Changes
Changes
If you have configured your appliance to push your subscribed logs to a remote server using Secure Copy
(SCP), do the following after upgrading to AsyncOS 9.8:
(SCP), do the following after upgrading to AsyncOS 9.8:
Step 1
Log in to your appliance’s web interface.