Cisco SSL Appliance 2000 Guide De Montage
Version 3.6
Sourcefire SSL Appliance Release Notes
2
Important Update and Compatibility Notes
Important Update and Compatibility Notes
The following sections list important points you must keep in mind before you
begin the update process, as well as any possible consequences or compatibility
issues you may encounter during or after the update process:
•
•
Before You Begin
Before you begin the update process for Version 3.6.3, you should keep the
following important points in mind:
•
Sourcefire strongly recommends that you back up event and configuration
data to a local computer before you perform the update; this data is not
backed up as part of the update process.
For information on the backup feature for your appliance, see the Sourcefire
For information on the backup feature for your appliance, see the Sourcefire
SSL Appliance Administration and Deployment Guide.
•
All SSL appliances running earlier software versions must be upgraded to
the software version described in these release notes. If an item below only
applies to the SSL1500, SSL2000, or SSL8200, this is clearly indicated.
Otherwise, all items apply to all appliances.
•
If you need to return your appliance to a previous release of the SSL
appliance for any reason, contact Sourcefire Support for more information.
New Features and Functionality
The following features and functionality have been added in Version 3.6.3:
•
Added support for ECDHE-ECDSA SSL/TLS cipher-suites, which includes
support for ECC-DSA certificates.
•
Added support for Google ChannelID TLS extension, which allows the
Chrome browser to properly connect to Google servers through the SSL
Visibility appliance.
•
Added CLI tool to collect diagnostics, which was previously only possible via
the GUI.
•
Version and S/N information is now displayed on CLI as well as on the front
panel LCD.
•
Recovery partition version information added to GUI.
•
Limit on concurrent connections on the SV3800 increased from 300,000 to
400,000.
The following features and functionality were added in Version 3.6:
•
Support for inspecting TLS 1.2 traffic
•
Better handling of TCP RST packets