Cisco Cisco Email Security Appliance C170
5
Release Notes for AsyncOS 10.0 for Cisco Email Security Appliances
Changes in Behavior
Changes in Behavior
Advanced Malware
Protection Behavior
Changes
Protection Behavior
Changes
•
If a message has malformed headers, the appliance will attempt to
extract the attachments from the message. If the extracted messages
are found to be malicious, the file reputation verdict is set to
“malicious.” If the appliance is unable to extract the attachments, the
file reputation verdict is set to “unscannable.”
extract the attachments from the message. If the extracted messages
are found to be malicious, the file reputation verdict is set to
“malicious.” If the appliance is unable to extract the attachments, the
file reputation verdict is set to “unscannable.”
•
The file reputation verdict for a message without any attachments is
set to “skipped.”
set to “skipped.”
Advanced Malware
Protection and File
Analysis Reports Prior to
the Upgrade
Protection and File
Analysis Reports Prior to
the Upgrade
Advanced Malware Protection, File Analysis, and Verdict Updates reports
are enhanced to display additional fields, graphs, and so on. The reports
displayed after the upgrade do not include the reporting data prior to the
upgrade. To view the reports prior to the upgrade, click on the hyperlink
(
are enhanced to display additional fields, graphs, and so on. The reports
displayed after the upgrade do not include the reporting data prior to the
upgrade. To view the reports prior to the upgrade, click on the hyperlink
(
Click here to view reports prior to AsyncOS 10.0
) at the top of the
report page.
Change in Report Page
Name
Name
File Analysis report page is renamed to Advanced Malware Protection File
Analysis.
Analysis.
DKIM Signing of System
Generated Messages
Generated Messages
DKIM Signing of System Generated Messages option is now available
under Mail Policies > Signing Profiles > DKIM Global Settings.
under Mail Policies > Signing Profiles > DKIM Global Settings.
Graymail Changes
Prior to this release, if a message is graymail and outbreak filter positive,
the actions configured for graymail are not applied after the message is
released from the outbreak quarantine. The safe unsubscribe banner (if
configured) is not added in this scenario.
the actions configured for graymail are not applied after the message is
released from the outbreak quarantine. The safe unsubscribe banner (if
configured) is not added in this scenario.
After upgrading to this release, the actions configured for graymail are
applied after the message is released from the outbreak quarantine. The
safe unsubscribe banner (if configured) is added in this scenario.
applied after the message is released from the outbreak quarantine. The
safe unsubscribe banner (if configured) is added in this scenario.
Advanced Malware
Protection File Detail -
Report Changes
Protection File Detail -
Report Changes
•
The content of Matching Signatures report on the Advanced Malware
Protection File Analysis > File Detail page is merged with the
Classification / Threat Score report.
Protection File Analysis > File Detail page is merged with the
Classification / Threat Score report.
•
The Classification / Threat Score report on the Advanced Malware
Protection File Analysis > File Detail page is renamed to Behavioral
Indicators. Also, this report now includes only the following details:
Protection File Analysis > File Detail page is renamed to Behavioral
Indicators. Also, this report now includes only the following details:
–
Indicators (formerly shown as Matching Signatures)
–
Category (formerly shown as Factor)
–
Threat Level
Change in SPF
Verification Content and
Message Filter Behavior
Verification Content and
Message Filter Behavior
If you have configured an SPF verification content or message filter rule
without an SPF identity and if a message contains different SPF identities
with different verdicts, the rule is triggered if one of the verdicts in the
message matches the rule.
without an SPF identity and if a message contains different SPF identities
with different verdicts, the rule is triggered if one of the verdicts in the
message matches the rule.