Cisco Cisco Web Security Appliance S160 Guía Del Usuario
1-2
AsyncOS 8.7 for Cisco Web Security Appliances User Guide
Chapter 1 Introduction to the Product and the Release
What’s New
What’s New in Cisco AsyncOS 8.7
Requirements and Restrictions for AsyncOS 8.7
Please be aware of the following requirements and restrictions for AsyncOS 8.7:
•
AsyncOS 8.7 supports only version 1.3 of the Identity Services Engine.
•
This release of AsyncOS does not support Connector mode; however, when operating in Connector
mode, ISE-specific options remain visible and apparently available. To reiterate, Connector mode is
not supported, and if your system is operating in that mode, you should not upgrade to this release.
mode, ISE-specific options remain visible and apparently available. To reiterate, Connector mode is
not supported, and if your system is operating in that mode, you should not upgrade to this release.
What’s New in Cisco AsyncOS 8.5
Feature
Description
ISE integration
AsyncOS can now access additional user-identity information from
an Identity Services Engine (ISE) version 1.3 server deployed in the
same network.
an Identity Services Engine (ISE) version 1.3 server deployed in the
same network.
SSL configuration
For enhanced security, you can enable and disable SSLv3 for several
services. Services with SSLv3 disabled will use TLSv1.0.
services. Services with SSLv3 disabled will use TLSv1.0.
You can enable and disable SSLv3 for Appliance Management Web User
Interface, Proxy Services (includes HTTPS Proxy and Credential
Encryption for Secure Client), Secure LDAP Services (includes
Authentication, External Authentication, SaaS SSO, and Secure Mobility),
as well as the Update Service.
Interface, Proxy Services (includes HTTPS Proxy and Credential
Encryption for Secure Client), Secure LDAP Services (includes
Authentication, External Authentication, SaaS SSO, and Secure Mobility),
as well as the Update Service.
Use the Web interface (System Administration > SSL Configuration), or the
CLI (
CLI (
sslconfig
).
Feature
Description
High Availability
This release provides a built-in high availability option suitable for
deployments in which the appliance runs in explicit mode with a proxy.
deployments in which the appliance runs in explicit mode with a proxy.
For more information, see the “Connect, Install, and Configure” chapterin
the User Guide.
the User Guide.
2048-bit certificates
The key length for SSL certificates generated or processed by the appliance
is now 2048 bits.
is now 2048 bits.
LDAP authentication
LDAP protocol is now supported for authenticating administrative users of
the appliance.
the appliance.
Volume and Time Quotas You can apply time and volume quotas to access policies and decryption
policies. Quotas allow individual users to continue accessing an Internet
resource (or a class of Internet resources) until they exhaust the data volume
or time limit imposed.
resource (or a class of Internet resources) until they exhaust the data volume
or time limit imposed.