Cisco Cisco Email Security Appliance C160
2
Release Notes for Cisco AsyncOS 8.5.6 for Email
What’s New
What’s New in Cisco AsyncOS 8.5.6 for Email
Feature
Description
Enhancements
Support for filtering by
URL Reputation
URL Reputation
You can now create message and content filters to take action based on the
reputation of URLs in messages. You can take action on messages as a whole
(such as drop or quarantine the message) or on URLs in messages (such as
replace with a text message or redirect to the Cisco web security proxy for
click-time evaluation of the safety of the site.)
reputation of URLs in messages. You can take action on messages as a whole
(such as drop or quarantine the message) or on URLs in messages (such as
replace with a text message or redirect to the Cisco web security proxy for
click-time evaluation of the safety of the site.)
Advanced Malware
Protection
Improvements
Protection
Improvements
•
Port 443 is now supported for file reputation queries. You can use an
upstream proxy for communications with the cloud service.
upstream proxy for communications with the cloud service.
•
File reputation threshold is updatable through updater server. If you do
not want to use this value, you can override the file reputation threshold
with a custom value.
not want to use this value, you can override the file reputation threshold
with a custom value.
Note: If you are using a custom file reputation threshold value, after
upgrading to Cisco AsyncOS 8.5.6 for Email, this value is overwritten
with the value from updater server.
upgrading to Cisco AsyncOS 8.5.6 for Email, this value is overwritten
with the value from updater server.
•
For file analysis, AsyncOS logs files’ SHA in the mail log and failure
reasons in the AMP log
reasons in the AMP log
•
AsyncOS automatically obtains the latest SSL certificates for
connections with cloud services.
connections with cloud services.
•
You can view the results of the most recent check for Advanced Malware
Protection Cloud Services connectivity.
Protection Cloud Services connectivity.
Outbreak Filter
Enhancements
Enhancements
•
From the Outbreak Filters page, you can now drill-down for more
information about the following reports using message tracking:
information about the following reports using message tracking:
–
Threat Summary
–
Threat Details
–
Top URL's Rewritten
•
From the Message Tracking page, you can now filter messages based on
the following message processing events:
the following message processing events:
–
URL Rewritten by Outbreak Filter
–
Outbreak Filter Threat Category
Changed Behavior
Logging of URLs
Logging of URL-related logs is disabled by default. This includes the logs for
the following events:
the following events:
•
Category of any URL in the message matches the URL category filters
•
Reputation score of any URL in the message matches URL reputation
filters
filters
•
Outbreak Filter rewrites any URL in the message
Use the
outbreakconfig
command in CLI to enable the logging of these
events.