Release Notes for Cisco IronPort AsyncOS 7.7 for Security Management Published: February 15, 2012 Revised: April 9, 2012 Contents This document contains information for Cisco IronPort AsyncOS 7.7 for Security Management. This document includes the following sections: • What’s New in Cisco IronPort AsyncOS 7.
What’s New in Cisco IronPort AsyncOS 7.7 for Security Management What’s New in Cisco IronPort AsyncOS 7.7 for Security Management This section describes the new features and enhancements in AsyncOS 7.7 for Security Management. For more information about the release, see the complete documentation at: http://www.cisco.com/en/US/products/ps10155/tsd_products_support_series_ho me.
What’s New in Cisco IronPort AsyncOS 7.7 for Security Management Table 1 New Features for AsyncOS 7.7 for Security Management (continued) Feature Description DLP Tracking Privileges AsyncOS 7.7 allows on-Administrator users to view content in Message Tracking that matches a DLP policy violation. You can enable or disable this access to control visibility of sensitive information. Restrictive User Accounts and Password Settings AsyncOS 7.
Upgrade Paths Table 1 New Features for AsyncOS 7.7 for Security Management (continued) Feature Description Virus Outbreak Filters Report The Virus Outbreak Filters report has been enhanced and renamed to the Outbreak Filters Report. This report now also includes information on malware distribution, scams, and phishing attempts. PDF Reports Enhancements New in AsyncOS 7.7, you can generate PDF reports in languages other than English and properly render all non-ASCII characters in PDF reports.
SMA Compatibility Matrix SMA Compatibility Matrix This section describes the compatibility between AsyncOS 7.7 for the Security Management appliance and the various AsyncOS releases for the Email Security appliance and the Web Security appliance. Additionally, it includes a table of supported configuration file versions.
SMA Compatibility Matrix Table 1-3 Security Management Appliance Compatibility with the Web Security Appliance ICCM Publish1 Advanced File Publish to the Web Security appliance (versions 5.7, 6.3, and 7.1) WSA 5.6 Feature not Available No support No support WSA 5.7 Feature not Available Support on 5.7 Configuration Master Configuration file version must match target WSA version. WSA 6.0 Feature not Available No support No support WSA 6.3 Feature not Available Support on 5.7 and 6.
Installation Notes Installation Notes Preupgrade Notes Be aware of the upgrade impacts and advisories discussed in the following topics. Disk Space Reduction This issue applies only to M160 hardware. Some AsyncOS for Security Management releases prior to this release had more disk space available for data storage than is available in this release, as specified in Table 5: Table 5 Total Maximum Disk Space on M160 Release Total Maximum Disk Space in GB AsyncOS 6.5.x 195 AsyncOS 6.7.x 186 AsyncOS 7.
Installation Notes releases; however, they may require modification to load. Check with Cisco IronPort Customer Support if you have any questions about configuration file support. Verify Associated Email and Web Security Appliance Releases Before upgrading to AsyncOS 7.7, verify that the Email Security appliances and Web Security appliances that you want to manage are running releases that are compatible. See the SMA Compatibility Matrix, page 5.
Documentation Updates Step 2 If you are using the Safelist/Blocklist feature, export the list from the appliance: On the Security Management appliance, click System Administration > Configuration File and scroll down. For complete information, see the documentation for your release of the Security Management appliance. Step 3 Perform the upgrade: a. On the Security Management appliance, click System Administration > System Upgrade. b. Click Available Upgrades.
Known Issues Known Issues Note Known issues in AsyncOS for Email Security and AsyncOS for Web Security are documented in the release notes for those products. Table 6 describes the known issues for the Security Management appliance for this release. Table 6 Known Issues in Cisco IronPort AsyncOS 7.
Known Issues Table 6 Known Issues in Cisco IronPort AsyncOS 7.7 for Security Management (continued) Defect ID Description 80601 Users from group “Email Administrators” cannot log in directly to the Spam Quarantine After upgrade to release 7.7.0, users who attempt to access the Spam Quarantine without signing in first to the web interface of the Security Management appliance cannot log in.
Known Issues Table 6 Known Issues in Cisco IronPort AsyncOS 7.7 for Security Management (continued) Defect ID Description 73133 Domain-Based executive summary report counts stopped by reputation filtering incorrect The Stopped by Reputation Filtering results in the Domain-Based Executive Summary report on the Security Management appliance cannot be seen.
Resolved Issues Resolved Issues Table 7 Resolved Issues in Cisco IronPort AsyncOS 7.7 for Security Management Defect ID Description 83262 Fixed: FreeBSD telnetd Remote Code Execution Vulnerability Previously, there was a vulnerability that could have allowed a remote, unauthenticated attacker to execute arbitrary code with elevated privileges. This has now been fixed. For more information on the vulnerability, see the Cisco security advisory at http://tools.cisco.
Resolved Issues Table 7 Resolved Issues in Cisco IronPort AsyncOS 7.7 for Security Management (continued) Defect ID Description 81246 Fixed: (Japanese language only) "Quarantine" is mistranslated This mistranslation has been corrected. 80678 Fixed: Infrequent race condition could lock up Security Management appliance When this issue occurred, the Security Management appliance stopped communicating with associated Email and Web Security appliances, and stopped responding to input via GUI and CLI.
Resolved Issues Table 7 Resolved Issues in Cisco IronPort AsyncOS 7.7 for Security Management (continued) Defect ID Description 76790 Fixed: If 100% of available space in Disk Management was allocated before upgrade, all available disk space is not used after upgrade Previously, if 100% of disk space was allocated in a previous release, less than 100% of disk space was allocated after upgrade to AsyncOS 7.x. Now, 100% of available disk space will still be allocated after upgrade.
Service and Support Table 7 Resolved Issues in Cisco IronPort AsyncOS 7.7 for Security Management (continued) Defect ID Description 71976 Fixed: (M160 and M170 Hardware only) Disk fails with RAID alert. Software RAID robustness has been improved, making these disk failures less likely to occur. Service and Support You can request our support by phone, email, or online 24 hours a day, 7 days a week. During customer support hours (24 hours per day, Monday through Friday excluding U.S.
