Cisco Cisco Web Security Appliance S690
4
Release Notes for AsyncOS 8.5.x for Cisco Web Security Appliances
New Features
New Features in Release 8.5.0
The following new features and enhancements have been added in this release.
Feature
Description
High Availability
This release provides a built-in high availability option suitable for
deployments in which the appliance runs in explicit mode with a proxy.
deployments in which the appliance runs in explicit mode with a proxy.
For more information, see the “Connect, Install, and Configure” chapterin
the User Guide.
the User Guide.
2048-bit certificates
The key length for SSL certificates generated or processed by the appliance
is now 2048 bits.
is now 2048 bits.
LDAP authentication
LDAP protocol is now supported for authenticating administrative users of
the appliance.
the appliance.
Volume and Time Quotas You can apply time and volume quotas to access policies and decryption
policies. Quotas allow individual users to continue accessing an Internet
resource (or a class of Internet resources) until they exhaust the data volume
or time limit imposed.
resource (or a class of Internet resources) until they exhaust the data volume
or time limit imposed.
Web Security Virtual
Appliance enhancements
Appliance enhancements
•
Support for thin provisioning
•
Support for ESXi 5.5
•
Now, after the virtual appliance license expires, there is a six-month
grace period during which the appliance continues to process web
transactions, but without security services
grace period during which the appliance continues to process web
transactions, but without security services
You can configure the appliance to send you alerts when the license
expiration date approaches.
expiration date approaches.
•
Evaluation feature keys can now be deployed on virtual appliances
Authentication by
machine ID
machine ID
For deployments in Connector mode with Active Directory, this release
introduces the option to authorize access based on device ID.
introduces the option to authorize access based on device ID.
Advanced Malware
Protection enhancements
Protection enhancements
•
Advanced Malware Protection can now detect malware in archived or
compressed files.
compressed files.
•
You can now select the interface used to communicate with an AMP
server.
server.
•
File analysis now supports analysis of additional file types. Supported
file types are determined by the cloud service and can change at any
time.
file types are determined by the cloud service and can change at any
time.
When you configure the File Analysis feature, you can choose which
file types to send for analysis, and you can choose to receive alerts
when the options change.
file types to send for analysis, and you can choose to receive alerts
when the options change.
For more information, see “Which Files Can Have their Reputation
Evaluated and Be Sent for Analysis?” in the Release Notes, and the
chapter “File Reputation and File Analysis” in the on-line help or User
Guide for information about supported file types and alerts.
Evaluated and Be Sent for Analysis?” in the Release Notes, and the
chapter “File Reputation and File Analysis” in the on-line help or User
Guide for information about supported file types and alerts.
AAA Audit logging
AsyncOS is enhanced to standardize AAA-related logging across multiple
logs, and to centralize them into a central log subscription. This new log
subscription will be exportable via syslog.
logs, and to centralize them into a central log subscription. This new log
subscription will be exportable via syslog.