Cisco Cisco Web Security Appliance S160 Release Notes
Known Issues
58
Release Notes for Cisco IronPort AsyncOS 7.0 for Web
OL-23205-01
30255
NTLM authentication settings might not save correctly
When NTLM Basic authentication is configured and then disabled in a web access
policy group, settings are saved and you do not have to repeat the setup if you
re-enable. Currently, the appliance fails to save the authentication scheme and the
setting defaults to “Use NTLMSSP.”
policy group, settings are saved and you do not have to repeat the setup if you
re-enable. Currently, the appliance fails to save the authentication scheme and the
setting defaults to “Use NTLMSSP.”
32114
Issue with manual updates and WCCP
Manual updates fail to download when the appliance is configured as a WCCP
transparent proxy with IP spoofing enabled. The manual update succeeds when IP
spoofing is disabled.
transparent proxy with IP spoofing enabled. The manual update succeeds when IP
spoofing is disabled.
29868
Changing NTLM non-admin user credentials requires AD server configuration
When changing the non-admin user credentials for the Active Directory server on the
appliance, the credentials used to join the Active Directory domain must also be
configured on the Active Directory server. The new credentials must have at least the
following permissions on the “Computers” container in the “Active Directory Users
and Computers” MMC applet: Create Computer Objects, and Delete Computer
Objects.
appliance, the credentials used to join the Active Directory domain must also be
configured on the Active Directory server. The new credentials must have at least the
following permissions on the “Computers” container in the “Active Directory Users
and Computers” MMC applet: Create Computer Objects, and Delete Computer
Objects.
25069, 28629,
31966
31966
Response message for manual updates might be inconsistent
The result code for manually updated components is always “Success — Component
was successfully updated.” In some instances, update status and descriptive
messaging might not reflect actual activity.
was successfully updated.” In some instances, update status and descriptive
messaging might not reflect actual activity.
37384, 26979,
23483, 23480
23483, 23480
Partial messaging for denied HTTP CONNECT requests
Some browsers truncate HTTP data that is sent in response to a CONNECT request.
This means that if the Web Security appliance denies a CONNECT request, the “page
cannot be displayed: Access Denied” error message might be incomplete.
This means that if the Web Security appliance denies a CONNECT request, the “page
cannot be displayed: Access Denied” error message might be incomplete.
27887
No alerts for failed authentication servers
The Web Security appliance does not currently support alert messaging for failed
authentication servers. To manage the appliance during such an event, use the
advanced authentication settings to specify an action if the authentication server
becomes unavailable. This option is located on the Network > Authentication page.
authentication servers. To manage the appliance during such an event, use the
advanced authentication settings to specify an action if the authentication server
becomes unavailable. This option is located on the Network > Authentication page.
28821
System reports false hard disk failure
Transient reports of hard disk failures might be erroneous. Performing a same drive
hot swap resets the RAID firmware and likely resolves this issue.
hot swap resets the RAID firmware and likely resolves this issue.
Table 3
Known Issues for AsyncOS 7.0 for Web (continued)
Defect ID
Description