Cisco Cisco Email Security Appliance C680 릴리즈 노트
4
Release Notes for AsyncOS 9.8 for Cisco Email Security Appliances
What’s New
Support for TLS v1.2
Cisco Email Security appliance now supports an additional SSL method:
TLS v1.2. Keep in mind that:
TLS v1.2. Keep in mind that:
•
If you were using TLS v1 prior to the upgrade, TLS v1.2 is also
negotiated after the upgrade.
negotiated after the upgrade.
•
If you weren’t using TLS v1 prior to the upgrade, the SSL methods
are not automatically set to TLS v1.2 after the upgrade.
are not automatically set to TLS v1.2 after the upgrade.
You can use the SSL Configuration page on web interface or the
sslconfig
command in CLI to view or modify the existing SSL
configuration.
Note
The highest supported TLS or SSL method in the client
advertisement is always selected during the negotiation.
advertisement is always selected during the negotiation.
Enhanced Credit Card
Number Smart Identifier
Number Smart Identifier
The credit card number smart identifier can now identify JCB card
numbers.
numbers.
View File Analysis result
details from all appliances
in your organization
details from all appliances
in your organization
You can now view detailed file analysis results in the cloud for all files
uploaded from any content security appliance in your organization.
uploaded from any content security appliance in your organization.
To configure this functionality, see the “File Reputation Filtering and File
Analysis” chapter in the user guide or online help.
Analysis” chapter in the user guide or online help.
URL Filtering
Enhancement
Enhancement
You can now configure the appliance not to replace the URLs within
HREF tags with secure proxy URLs. However, if an end user clicks on
these URLs, the end user will be redirected to the secure proxy.
HREF tags with secure proxy URLs. However, if an end user clicks on
these URLs, the end user will be redirected to the secure proxy.
You can configure this option using the
websecurityadvancedconfig
command in the CLI. See CLI Reference Guide for AsyncOS for Cisco
Email Security Appliances.
Email Security Appliances.
Option to Send Potentially
Malicious File Types for
File Analysis
Malicious File Types for
File Analysis
Cisco periodically checks for potentially malicious file types to prevent
zero day threats. If new threats are identified, details of such file types are
sent to your appliance through updater servers. If you enable this
functionality, your appliance will send such file types for analysis in
addition to the file types you have selected.
zero day threats. If new threats are identified, details of such file types are
sent to your appliance through updater servers. If you enable this
functionality, your appliance will send such file types for analysis in
addition to the file types you have selected.
Select the Other potentially malicious file types option on the File
Reputation and Analysis Settings page (Security Services > File
Reputation and Analysis > Edit Global Settings > File Analysis
section) to enable this functionality.
Reputation and Analysis Settings page (Security Services > File
Reputation and Analysis > Edit Global Settings > File Analysis
section) to enable this functionality.
For information about the new file types that are analyzed, see File
Criteria for Advanced Malware Protection Services for Cisco Content
Security Products, available from
Criteria for Advanced Malware Protection Services for Cisco Content
Security Products, available from
http://www.cisco.com/c/en/us/support/security/email-security-appliance/
products-user-guide-list.html
products-user-guide-list.html
Note
In order to access this document, you must have a Cisco customer
account with a support contract. To register, visit
account with a support contract. To register, visit
.
Content Scanning Engine
Update
Update
The content scanning engine is updated in this release. Going forward, all
the content scanning engine updates are automatically available through
the update server.
the content scanning engine updates are automatically available through
the update server.
Image Analysis Scanning
Engine Update
Engine Update
The image analysis scanning engine is updated in this release.