Cisco Cisco Web Security Appliance S390
13
Release Notes for AsyncOS 8.5.x for Cisco Web Security Appliances
Installation and Upgrade Notes
Post-Upgrade Reboot
You must reboot the Web Security appliance after you upgrade AsyncOS for Web.
Unescaped Dots in Regular Expressions
Following upgrades to the regular-expression pattern-matching engine, you may receive an alert
regarding unescaped dots in existing pattern definitions after updating your system. Any unescaped dot
in a pattern that will return more than 63 characters after the dot will be disabled by the Velocity
pattern-matching engine, and an alert to that effect will be sent to you, and you continue to receive an
alert following each update until you correct or replace the pattern. Generally, unescaped dots in a larger
regular expression can be problematic and should be avoided.
regarding unescaped dots in existing pattern definitions after updating your system. Any unescaped dot
in a pattern that will return more than 63 characters after the dot will be disabled by the Velocity
pattern-matching engine, and an alert to that effect will be sent to you, and you continue to receive an
alert following each update until you correct or replace the pattern. Generally, unescaped dots in a larger
regular expression can be problematic and should be avoided.
Changes in Behavior
This section describes changes in behavior from previous versions of AsyncOS for Web that may affect
the appliance configuration after you upgrade to the latest version.
the appliance configuration after you upgrade to the latest version.
List of Available Upgrades
All available releases, including releases that would previously have been provisioned only to a limited
number of customers as a limited release, now appear in the list of available upgrades.
number of customers as a limited release, now appear in the list of available upgrades.
Each release in the list is identified by the release type (ED - Early Deployment, GD - General
Deployment, MD - Maintenance Deployment, etc.) For an explanation of these terms, see
Deployment, MD - Maintenance Deployment, etc.) For an explanation of these terms, see
.
Support Requests Require CCO ID and Support Contract
In order to open a support request from the appliance, you must now enter a CCO ID and a support
contract ID.
contract ID.
New Certificate Management Page
Certificate management functionality has been moved from the Security Services > HTTPS Proxy page
to a new, stand-alone page: Network > Certificate Management.
to a new, stand-alone page: Network > Certificate Management.
Exporting Web Tracking Data
Previously, when exporting web tracking data as CSV, the data was sorted by timestamp. Beginning in
AsyncOS 8.5, this data is not sorted.
AsyncOS 8.5, this data is not sorted.
SNMP Monitoring
The following functionality is different from previous implementations:
Message authentication and encryption are mandatory when enabling SNMPv3. Passwords for
authentication and encryption should be different. The encryption algorithm can be AES (recommended)
or DES. The authentication algorithm can be SHA-1 (recommended) or MD5.
authentication and encryption should be different. The encryption algorithm can be AES (recommended)
or DES. The authentication algorithm can be SHA-1 (recommended) or MD5.