Cisco Cisco Web Security Appliance S380
13
Release Notes for AsyncOS 9.1.x for Cisco Web Security Appliances
Documentation Updates
•
If you use SCP push to transfer logs to a remote server (including Splunk): Clear the old SSH host
key for the appliance from the remote server.
key for the appliance from the remote server.
•
If your deployment includes a Cisco Content Security Management Appliance, see important
instructions in the Release Notes for that appliance.
instructions in the Release Notes for that appliance.
File Analysis: Required Changes to View Analysis Result Details in the Cloud
The requirement in this section was introduced in AsyncOS 8.8.
If you have deployed multiple content security appliances (web, email, and/or management) and you
want to view detailed file analysis results in the cloud for all files uploaded from any appliance in your
organization, you must configure an appliance group on each appliance after upgrading. To configure
appliance groups, see the “File Reputation Filtering and File Analysis” chapter in the user guide PDF.
(This PDF is more current than the online help in AsyncOS 8.8.)
want to view detailed file analysis results in the cloud for all files uploaded from any appliance in your
organization, you must configure an appliance group on each appliance after upgrading. To configure
appliance groups, see the “File Reputation Filtering and File Analysis” chapter in the user guide PDF.
(This PDF is more current than the online help in AsyncOS 8.8.)
File Analysis: Verify File Types To Be Analyzed
The File Analysis cloud server URL changed in AsyncOS 8.8, and as a result, the file types that can be
analyzed may have changed after upgrade. You should receive an alert if there are changes. To verify the
file types selected for analysis, select Security Services > Anti-Malware and Reputation and look at
the Advanced Malware Protection settings.
analyzed may have changed after upgrade. You should receive an alert if there are changes. To verify the
file types selected for analysis, select Security Services > Anti-Malware and Reputation and look at
the Advanced Malware Protection settings.
Unescaped Dots in Regular Expressions
Following upgrades to the regular-expression pattern-matching engine, you may receive an alert
regarding unescaped dots in existing pattern definitions after updating your system. Any unescaped dot
in a pattern that will return more than 63 characters after the dot will be disabled by the Velocity
pattern-matching engine, and an alert to that effect will be sent to you, and you continue to receive an
alert following each update until you correct or replace the pattern. Generally, unescaped dots in a larger
regular expression can be problematic and should be avoided.
regarding unescaped dots in existing pattern definitions after updating your system. Any unescaped dot
in a pattern that will return more than 63 characters after the dot will be disabled by the Velocity
pattern-matching engine, and an alert to that effect will be sent to you, and you continue to receive an
alert following each update until you correct or replace the pattern. Generally, unescaped dots in a larger
regular expression can be problematic and should be avoided.
Documentation Updates
The following information supplements information in the Online Help and/or User Guide for this release.
Sophos No Longer Scans Archive Files
As of AsyncOS 9.0, scanning of archive (.zip) files has been disabled in the Sophos scanner.
Additional Information
The User Guide PDF may be more current than the online help. To obtain the User Guide PDF and other
documentation for this product, click the View PDF button in the online help or visit the URL shown in
documentation for this product, click the View PDF button in the online help or visit the URL shown in
.