Cisco Cisco Email Security Appliance C170
8
Release Notes for AsyncOS 9.8 for Cisco Email Security Appliances
Upgrade Paths
Upgrade Paths
You can upgrade to release 9.8.0-092 from the following versions:
•
9.8.0-066
•
9.1.2-036
•
9.1.1-038
•
9.7.2-131
Note
You cannot upgrade from 9.8.0.x version to10.0.x release.
Installation and Upgrade Notes
Read through and consider the installation and upgrade impacts listed in this section.
When you upgrade AsyncOS from the web interface or Command Line Interface (CLI), the
configuration is saved to file in the /configuration/upgrade directory. You can access the upgrade
directory using an FTP client. Each configuration file name is appended with the version number, and
passwords in the configuration file are masked so they are not human readable.
configuration is saved to file in the /configuration/upgrade directory. You can access the upgrade
directory using an FTP client. Each configuration file name is appended with the version number, and
passwords in the configuration file are masked so they are not human readable.
You must be logged in as the admin to upgrade. Also, you must reboot the appliance after upgrading.
Change in URL Reputation Feature Servers
Important! The server pool used by the URL Reputation feature servers has changed. As a result, when
you enable the URL Filtering feature, you may observe one of the following symptoms:
you enable the URL Filtering feature, you may observe one of the following symptoms:
•
Work queue on your appliance backs up
•
A large number of 'Request already expired' entries in the web_client logs
•
Alerts indicating that your appliance is unable to connect to the Cisco Web Security Service
To fix this issue, you must reduce the number of URLs sent for verification at the same time.
Procedure
Step 1
Use SSH to access the command-line interface.
Step 2
Enter
websecurityadvancedconfig
.
Change in SPF
Verification Content and
Message Filter Behavior
Verification Content and
Message Filter Behavior
If you have configured an SPF verification content or message filter rule
without an SPF identity and if a message contains different SPF identities
with different verdicts, the rule is triggered if one of the verdicts in the
message matches the rule.
without an SPF identity and if a message contains different SPF identities
with different verdicts, the rule is triggered if one of the verdicts in the
message matches the rule.
Change in host key
verifications during
cluster communication.
verifications during
cluster communication.
Prior to this release, during cluster communication, host key verifications
were performed based on SSH-DSS and SSH-RSA.
were performed based on SSH-DSS and SSH-RSA.
After upgrading to this release, during cluster communication, host key
verifications are now performed based on SSH-RSA only.
verifications are now performed based on SSH-RSA only.