Cisco Cisco Web Security Appliance S680 發佈版本通知
11
Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances
Upgrading AsyncOS for Web
Previously, the format was LDAP://(groupname). This software change may require changes to policies
or other automation relying on the X-Authenticated-Groups header. [Defect: CSCum91801]
or other automation relying on the X-Authenticated-Groups header. [Defect: CSCum91801]
Upgrading AsyncOS for Web
Before You Begin
•
Perform preupgrade requirements, including updating the RAID controller firmware. See
.
•
Log in as Administrator.
Step 1
On the System Administration > Configuration File page, save the XML configuration file off the Web
Security appliance.
Security appliance.
Step 2
On the System Administration > System Upgrade page, click Available Upgrades.
The page refreshes with a list of available AsyncOS for Web upgrade versions.
Step 3
Click Begin Upgrade to start the upgrade process. Answer the questions as they appear.
Step 4
When the upgrade is complete, click Reboot Now to reboot the Web Security appliance.
Note
To verify the browser loads the new online help content in the upgraded version of AsyncOS, you must
exit the browser and then open it before viewing the online help. This clears the browser cache of any
outdated content.
exit the browser and then open it before viewing the online help. This clears the browser cache of any
outdated content.
New features are typically not enabled by default.
Important! Actions Required After Upgrading
In order to ensure that your appliance continues to function properly after upgrade, you must address the
following items:
following items:
Virtual Appliances: Required Changes for SSH Security Vulnerability Fix
Requirements in this section were introduced in AsyncOS 8.8.
The following security vulnerability will be fixed during upgrade if it exists on your appliance:
If you did not patch this issue before upgrading, you will see a message during upgrade stating that it
has been fixed. If you see this message, the following actions are required to return your appliance to
full working order after upgrade:
has been fixed. If you see this message, the following actions are required to return your appliance to
full working order after upgrade:
•
Remove the existing entry for your appliance from the known hosts list in your ssh utility. Then ssh
to the appliance and accept the connection with the new key.
to the appliance and accept the connection with the new key.
•
If you use SCP push to transfer logs to a remote server (including Splunk): Clear the old SSH host
key for the appliance from the remote server.
key for the appliance from the remote server.
•
If your deployment includes a Cisco Content Security Management Appliance, see important
instructions in the Release Notes for that appliance.
instructions in the Release Notes for that appliance.