Cisco Cisco Email Security Appliance C170
4
Release Notes for AsyncOS 9.0 for Cisco Email Security Appliances
What’s New
Welcome banner to
display internal
security information or
best practice
instructions for the
appliance
display internal
security information or
best practice
instructions for the
appliance
You can configure Cisco AsyncOS for Email to display a welcome banner
after a user successfully logs into the appliance through SSH, FTP, or web
interface. You can use the welcome banner to display internal security
information or best practice instructions for the appliance.
after a user successfully logs into the appliance through SSH, FTP, or web
interface. You can use the welcome banner to display internal security
information or best practice instructions for the appliance.
New authorization
protocol for outgoing
SMTP authentication
protocol for outgoing
SMTP authentication
Outgoing SMTP authentication now supports the following additional
authorization protocol: LOGIN.
authorization protocol: LOGIN.
Enhanced spam
protection capabilities
protection capabilities
Cisco AsyncOS now has enhanced capabilities to detect and protect against
new spam campaigns, for example, snowshoe spam.
new spam campaigns, for example, snowshoe spam.
Enhanced logic to
detect whether AMP
services (File
Reputation and
Analysis) are reachable
detect whether AMP
services (File
Reputation and
Analysis) are reachable
To avoid false alerts, the logic used to detect whether AMP services (File
Reputation and Analysis) are reachable is enhanced.
Reputation and Analysis) are reachable is enhanced.
Configurable SSL
Settings in FIPS Mode
Settings in FIPS Mode
In FIPS mode, you can now configure the Cipher Suites in the SSL settings,
using the
using the
sslconfig
command in CLI. For more information, see Cisco
AsyncOS for Email CLI Reference Guide.
Note
You cannot change server and client methods in FIPS mode.
Configurable SSH
Server Settings
Server Settings
You can now configure the following SSH server settings using the
sshconfig
command in CLI:
•
Public Key Authentication Algorithms
•
Cipher Algorithms
•
KEX Algorithms
•
MAC Methods
•
Minimum Server Key Size
Encrypt sensitive data
in FIPS mode
in FIPS mode
In FIPS mode, you can now encrypt:
•
Critical security parameters in your appliance
•
Swap space in your appliance.
This helps to prevent any unauthorized access or forensic attacks when the
physical security of the appliance is compromised.
physical security of the appliance is compromised.
Use the
fipsconfig
command in CLI to enable encryption of sensitive data
in the appliance.
Encrypt sensitive data
in configuration files
in configuration files
You can now encrypt the critical security parameters in the appliance
configuration file while exporting, emailing, or displaying it.
configuration file while exporting, emailing, or displaying it.
Permanently delete
sensitive data in the
appliance
sensitive data in the
appliance
You can now permanently delete sensitive data (critical security parameters)
in your appliance using one of the following commands in CLI:
in your appliance using one of the following commands in CLI:
•
wipedata
•
diagnostic > reload
See Cisco AsyncOS for Email CLI Reference Guide.
Feature
Description