Cisco Cisco Content Security Management Appliance M160
Release Notes for AsyncOS 9.6.x for Cisco Content Security Management
Documentation Updates
Important! Requirements After Upgrade
Virtual Appliances: Required Changes for SSH Security Vulnerability Fix
These requirements apply when upgrading from a release earlier than AsyncOS 9.5.0-125.
As noted in
, the following security vulnerability will be fixed during upgrade if
it exists on your appliance:
.
If you did not patch this issue before upgrading, you will see a message during upgrade stating that it has been fixed. If you
see this message, the following actions are required to return your appliance to full working order after upgrade:
see this message, the following actions are required to return your appliance to full working order after upgrade:
•
If you are upgrading from AsyncOS 8.4.0-150:
You will see an “Upgrade failure” message after running the upgrade, but the patch has installed correctly. However, you
must reboot the appliance manually to complete the installation process:
must reboot the appliance manually to complete the installation process:
After you see “Upgrade failure,” the
upgrade
command options will reappear. Press <Enter> to exit the
upgrade
command,
then enter the
reboot
command.
You should also receive an alert about an application fault; ignore this.
•
Retrieve the information you noted in
.
•
Remove the existing entry for your appliance from the known hosts list in your ssh utility. Then ssh to the appliance and
accept the connection with the new key.
accept the connection with the new key.
•
If you use SCP push to transfer logs to a remote server (including Splunk): Clear the old SSH host key for the appliance
from the remote server.
from the remote server.
•
Use the
logconfig > hostkeyconfig > delete
CLI command as many times as needed to clear the old key associated
with each managed ESA and WSA virtual appliance.
•
Re-establish the connection to each managed appliance and (if applicable) reassign each managed appliance to the
appropriate configuration master:
appropriate configuration master:
1. Go to Management Appliance > Centralized Services > Security Appliances and click the link for an appliance in the list.
2. Click Establish Connection.
3. (Managed WSAs only) If your appliance is configured for centralized configuration management, re-assign the
Configuration Master to each managed WSA.
Configuration Master to each managed WSA.
4. Submit and commit your changes if applicable.
5. Repeat for each managed appliance.
File Analysis: Required Changes to View Analysis Result Details in the Cloud
The requirement in this section applies to upgrades from releases earlier than AsyncOS 9.5.0-125.
In order to view detailed file analysis results in the cloud for all files uploaded from all email and web security appliances in
your organization, you must configure an appliance group on each appliance after upgrading. To configure appliance groups
on your content security management appliance, see the email or web reporting chapter in the user guide PDF for this release.
your organization, you must configure an appliance group on each appliance after upgrading. To configure appliance groups
on your content security management appliance, see the email or web reporting chapter in the user guide PDF for this release.
Documentation Updates
The User Guide PDF may be more current than the online help. To obtain the User Guide PDF and other documentation for
this product, click the View PDF button in the online help or visit the URL shown in
this product, click the View PDF button in the online help or visit the URL shown in
.