Cisco Cisco Web Security Appliance S690 릴리즈 노트

This is an upgrade release; no new features were added.

Translation of both default and user-defined CWS policies to WSA policies has been expanded and 
optimized; very few CWS rules are not converted.

Upgrades to the AsyncOS software are now downloaded automatically whenever available. 
Downloaded upgrades are then installed during the Time Windows specified on the Upgrade and 
Update Settings page. 

This is an upgrade release; no new features were added.

Hybrid Web Security mode provides unified cloud and on-premise policy enforcement and threat defense, 
using policies defined in Cisco ScanCenter—the administrative portal to Cloud Web Security—which are 
automatically downloaded to the Web Security appliance.

Please note these points regarding download, conversion and application of CWS policies/filters/rules to 
WSA policies:

Translation of both default and user-defined CWS policies to WSA policies is not a one-to-one 
conversion; however, the action that results from application of a particular policy in both 
environments is the same. In other words, the Block or Allow decision is always consistent, 
regardless of the sequence of rules “fired” in both cases. This allows rule evaluation in the proxy to 
be optimized for better performance without compromising consistent behavior.  

Supported anti-malware scanning services are not the same on both platforms; they will remain 
independent. The WSA provides an option to choose scanning services, and at least one must 
be enabled.

In Hybrid mode, the WSA does not support the following items; these will not be downloaded:

Any rule assigned the Authenticate or Warn action. (Warn was supported in an earlier version 
of Hybrid mode for URL categories; this is no longer the case.) 

Outbound filters. Any rule using a filter that contains any Keyword, Outbound File Type, 
Preconfigured ID, or Regular Expression. Inbound Extensions are also not supported.