Cisco Cisco Email Security Appliance C160 Guía Del Usuario
1-3
Cisco AsyncOS 8.0.2 for Email User Guide
Chapter 1 Getting Started with the Cisco Email Security Appliance
What’s New in This Release
Changes in Behavior
•
•
Revised Threshold Levels for Entering Resource Conservation Mode
Prior to this release, Email Security appliance enters resource conservation mode when the RAM
utilization exceeds 75% and the allowed injection rate is gradually decreased as RAM utilization
approaches 85%.
utilization exceeds 75% and the allowed injection rate is gradually decreased as RAM utilization
approaches 85%.
Configurable CLI Session Timeout
You can now specify how long a user can be logged into the
Email Security appliance’s CLI before AsyncOS logs the user
out due to inactivity. See
Email Security appliance’s CLI before AsyncOS logs the user
out due to inactivity. See
.
Note
The CLI session timeout applies only to the
connections using Secure Shell (SSH), SCP, and direct
serial connection.
connections using Secure Shell (SSH), SCP, and direct
serial connection.
Enhanced Security for DKIM Signing
Keys in FIPS Mode
Keys in FIPS Mode
For enhanced security, if encryption of sensitive data in the
appliance is enabled in FIPS mode,
appliance is enabled in FIPS mode,
•
Private keys are not displayed in plain text while editing an
existing signing key. See
existing signing key. See
.
•
Signing keys are encrypted while exporting. See
Enhanced Security for DSA Host
Keys in FIPS Mode
Keys in FIPS Mode
For enhanced security, in FIPS mode, AsyncOS for Email uses
a 2048-bit DSA host key.
a 2048-bit DSA host key.
Enhanced Security for Demonstration
Certificate
Certificate
The demonstration certificate is updated to use keys of size
2048 bits and 1024 bits for FIPS mode and non-FIPS mode,
respectively.
2048 bits and 1024 bits for FIPS mode and non-FIPS mode,
respectively.
Cross-site Scripting Attack Protection You can prevent attackers from injecting malicious scripts to
the Web UI and CLI using the Cross-site Scripting (XSS)
attack protection feature. See
attack protection feature. See
Enhanced Security for Remote Access When enabling Remote Access for Cisco Customer Support on
your appliance, you can now specify a seed string to initialize
secure communication. The Cisco Customer Support team uses
the specified seed string to generate a secure shared secret for
accessing this appliance.
secure communication. The Cisco Customer Support team uses
the specified seed string to generate a secure shared secret for
accessing this appliance.
See
Feature
Description