Release Notes for Cisco IronPort AsyncOS 7.6.1 for Email Published: April 17, 2012 Contents This document contains release information for Cisco IronPort AsyncOS 7.6.1 for the Email Security appliance, and includes the following sections: • What’s New in Cisco IronPort AsyncOS 7.
What’s New in Cisco IronPort AsyncOS 7.6.1 for Email Resolved Issues in Version 7.6.1 Table 1 Resolved Issues in AsyncOS 7.6.1 for Email Defect ID Description 83927 Fixed: Switching from RSA Enterprise Manager Mode to Local RSA Email DLP Mode Using Wizard Causes Errors 83925 In the AsyncOS 7.6.
What’s New in Cisco IronPort AsyncOS 7.6.1 for Email Table 1 Resolved Issues in AsyncOS 7.6.1 for Email (continued) Defect ID Description 80566 Fixed: Changing Notification Schedule Sends Out Notification Fixed an issue where changing an email notification schedule results in the Email Security appliance automatically sends out email notifications once you commit the change. 84294 Fixed: Upgrading to AsyncOS 7.6.
What’s New in Cisco IronPort AsyncOS 7.6 for Email Table 1 Resolved Issues in AsyncOS 7.6.1 for Email (continued) Defect ID Description 84389 Fixed: Signing a Splintered Message Relayed Through Private Listener with DKIM Could Result in Dropped Message If you have configured a private listener on the appliance to sign a message using DKIM, it was possible in previous versions of AsyncOS that the appliance may not have delivered one of the messages if the original message was splintered.
What’s New in Cisco IronPort AsyncOS 7.6 for Email New Feature: RSA Enterprise Manager Integration AsyncOS 7.6’s RSA Enterprise Manager Integration allows your organization to migrate an Email Security appliance’s Data Loss Prevention policies to RSA Security’s Enterprise Manager software in order to distribute those policies to all of your vectors enforcement.
What’s New in Cisco IronPort AsyncOS 7.6 for Email Enhancement: New and Updated RSA Email DLP Policy Templates AsyncOS 7.6 includes some updated RSA Email DLP policy templates, which may affect the performance of existing DLP policies on your appliance. Please double-check your DLP policies to see if the classifiers have changed. The following RSA Email DLP policy templates have been updated to require customization in AsyncOS 7.
What’s New in Cisco IronPort AsyncOS 7.6 for Email • U.S. Virgin Islands V.I. Code 2208 • Virginia SB-307 • West Virginia SB-340 • Wisconsin SB-164 • Wyoming WS 40-12-501 to 502 • Credit Card Numbers - By Issuer • US Passport Numbers • Confidential Documents • Network Diagrams Enhancement: SenderBase Reputation Service Requires an Anti-Spam Feature Key Starting in AsyncOS 7.
What’s New in Cisco IronPort AsyncOS 7.6 for Email New Feature: DKIM Signing of System-Generated Messages AsyncOS 7.6 allows you to choose whether to sign system-generated messages with a DKIM signature.
Upgrade Paths See the “System Administration” chapter in the Cisco IronPort AsyncOS for Email Configuration Guide for more information. Enhancement: Message Size for Encryption Starting in AsyncOS 7.6, the Email Security appliance can encrypt messages up to 10 MB in size. If the appliance attempts to encrypt a message larger than 10 MB, it will be send the message back to the sender. Enhanced: Web User Interface Protection AsyncOS 7.
Installation and Upgrade Notes AsyncOS Reversion If you plan to revert to an earlier version of AsyncOS, such as AsyncOS 7.5.1 or AsyncOS 7.1.5, you must update your network settings to use only IPv4 addresses before performing the reversion. Earlier releases of AsyncOS for Email do not support IPv6 and any settings that use IPv6 addresses will be reset. Re-enable SNMP SNMP does not start when you boot the appliance after upgrading to AsyncOS 7.6. Use snmpconfig -> setup and then commit to enable it.
Resolved Issues Upgrading to the AsyncOS 7.6 Release For the AsyncOS 7.6 release, please use the following instructions to upgrade your Email Security appliance. Step 1 Save the XML configuration file off the IronPort appliance. Step 2 If you are using the Safelist/Blocklist feature, export the Safelist/Blocklist database off the IronPort appliance. Step 3 Suspend all listeners. Step 4 Wait for the queue to empty. Step 5 From the System Administration tab, select the System Upgrade page.
Known Issues Table 2 Resolved Issues in AsyncOS 7.6.0 for Email (continued) Defect ID Description 72743 AsyncOS 7.6 Updated to Use OpenSSH 5.4 AsyncOS 7.6 has been updated to use OpenSSH 5.4 in order to fix the CVE-2008-5161 vulnerability. 72524 Fixed: Disclaimers Cannot Be Added to Non-US-ASCII Message Body Previously, mail agents such as Outlook and Thunderbird displayed a disclaimer as an attachment and not inline with the message because the message body was not encoded as US-ASCII.
Known Issues Table 3 Known Issues for AsyncOS 7.6.0 for Email Defect ID Description 82515 Application Fault May Occur When RSA Enterprise Manager DLP is Enabled at Group or Cluster Level Under rare conditions, configuring a clustered ESA to use RSA EM DLP at cluster or group level may lead to an application fault. 81348 Admin Password Immediately Expired When Reset Password Option is Enabled If you do not change the admin password after performing a netinstall, AsyncOS 7.
Known Issues Table 3 Known Issues for AsyncOS 7.6.0 for Email (continued) Defect ID Description 72847 Modifying Certificate Reinitializes All Interfaces. If you modify the HTTPS certificate on any interface, AsyncOS reinitializes all existing interfaces on the appliance. During the initialization, which is usually less than a second, network errors are seen while interfaces reinitialize and alerts are sent.
Known Issues Table 3 Known Issues for AsyncOS 7.6.0 for Email (continued) Defect ID Description 76940 Using IronPort Mail Merge Variables in a Message May Prevent DKIM Signing Using IronPort Mail Merge (IPMM) variables for outgoing messages may invalidate the DKIM signature for any signed messages that are altered by IPMM. IPMM is only used on C300D, C350D, C360D, and C370D appliances.
Known Issues Table 3 Known Issues for AsyncOS 7.6.0 for Email (continued) Defect ID Description 52308 LDAP Test Query in Domain Assignment Fails If One or More Servers Defined in Domain Assignments Is Unreachable. When you run the test query from the Domain Assignment page, the query may erroneously tests other servers defined from the Domain Assignments page. If any server defined in the Domain Assignments page is unreachable, the query may fail.
Related Documentation Related Documentation The documentation for the Cisco IronPort Email Security appliance includes the following books: • Cisco IronPort AsyncOS for Email Daily Management Guide. This guide provides instructions for performing common, everyday tasks that system administrators use to manage and monitor the IronPort appliance, such as viewing email traffic using the Email Security Monitor, tracking email messages, managing system quarantines, and troubleshooting the appliance.
Service and Support Printed in the USA on recycled paper containing 10% postconsumer waste. Release Notes for Cisco IronPort AsyncOS 7.6.
