Cisco Cisco Web Security Appliance S690 릴리즈 노트
2
Release Notes for AsyncOS 9.2.x for Cisco Web Security Appliances
About Policy Application from Cloud Web Security
•
•
•
•
What’s New in Cisco AsyncOS 9.2.0-809 (GD)
This is an upgrade release; no new features were added.
What’s New in Cisco AsyncOS 9.2.0-796
•
Translation of both default and user-defined CWS policies to WSA policies has been expanded and
optimized; very few CWS rules are not converted.
optimized; very few CWS rules are not converted.
•
Upgrades to the AsyncOS software are now downloaded automatically whenever available.
Downloaded upgrades are then installed during the Time Windows specified on the Upgrade and
Update Settings page.
Downloaded upgrades are then installed during the Time Windows specified on the Upgrade and
Update Settings page.
What’s New in Cisco AsyncOS 9.2.0-083 (GD)
This is an upgrade release; no new features were added.
What’s New in Cisco AsyncOS 9.2.0-075
Hybrid Web Security mode provides unified cloud and on-premise policy enforcement and threat defense,
using policies defined in Cisco ScanCenter—the administrative portal to Cloud Web Security—which are
automatically downloaded to the Web Security appliance.
using policies defined in Cisco ScanCenter—the administrative portal to Cloud Web Security—which are
automatically downloaded to the Web Security appliance.
About Policy Application from Cloud Web Security
Please note these points regarding download, conversion and application of CWS policies/filters/rules to
WSA policies:
WSA policies:
•
Translation of both default and user-defined CWS policies to WSA policies is not a one-to-one
conversion; however, the action that results from application of a particular policy in both
environments is the same. In other words, the Block or Allow decision is always consistent,
regardless of the sequence of rules “fired” in both cases. This allows rule evaluation in the proxy to
be optimized for better performance without compromising consistent behavior.
conversion; however, the action that results from application of a particular policy in both
environments is the same. In other words, the Block or Allow decision is always consistent,
regardless of the sequence of rules “fired” in both cases. This allows rule evaluation in the proxy to
be optimized for better performance without compromising consistent behavior.
•
Supported anti-malware scanning services are not the same on both platforms; they will remain
independent. The WSA provides an option to choose scanning services, and at least one must
be enabled.
independent. The WSA provides an option to choose scanning services, and at least one must
be enabled.
•
In Hybrid mode, the WSA does not support the following items; these will not be downloaded:
–
Any rule assigned the Authenticate or Warn action. (Warn was supported in an earlier version
of Hybrid mode for URL categories; this is no longer the case.)
of Hybrid mode for URL categories; this is no longer the case.)
–
Outbound filters. Any rule using a filter that contains any Keyword, Outbound File Type,
Preconfigured ID, or Regular Expression. Inbound Extensions are also not supported.
Preconfigured ID, or Regular Expression. Inbound Extensions are also not supported.