Download Firmware Cisco SMA AsyncOS 14.3 Refresh

Cisco has released a firmware update for her Content Security Management Appliances, which are abbreviated to SMA. The technology comes from IronPort Systems, which was purchased by Cisco in 2007, although that was more than a decade ago, you still hear the name IronPort for these appliances. For the supported upgrade paths, it is advisable to review the documentation or contact Cisco’s TAC. This firmware is called 14.3 Refresh and has 14.3.0-120 as the exact version number; this also lists the recent ones sql injection and http response header injectionproblems addressed. The list of innovations looks like this:

What’s New in this Release

Custom User Role for AMP. The administrator can define a custom user role that provides access to view the AMP-related reports for all email gateways or the selected Reporting Group. The administrator can then assign this custom user role to a user. The administrator can navigate to System Administrator > User Role > Add Email User Role and select AMP Reports in Access to data in Reporting Group or Access to data in all Email Appliances dropdown list for the Email Reporting field to create the AMP custom user role. For more information, see “Access to Email Reporting” section in the “Distributing Administrative Tasks” chapter of the user guide.

Changes in Behavior

Print and Clear subcommands are available for the Certconfig command. Before this release, you could not print or clear the different certificates or keys installed for inbound, outbound, HTTPS management access, and LDAPS services. After you upgrade to this release, you can print or clear the different certificates or keys installed for inbound, outbound, HTTPS management access, and LDAPS services. You can use Certconfig > Print or Clear subcommand in the CLI to print or clear the different certificates or keys installed.

JWT token – error message changes. Before this release, when you used JSON Web Token (JWT) token to make any API request, and if the JWT token was expired, the expired token error message was displayed. From this release onwards, when you use the JWT token to make any API request, if the JWT token used is older than 12 hours, an invalid token or expired token error message is displayed. The expired token error message is displayed only up to 12 hours from token generation.

Modifications to the SPoG feature. When you enable or disable SPoG, the session of all the users concurrently logged into the new web interface becomes invalid, and a new request to the server logs them out. The users must log in again. Also, if a Secure Email and Web Manager is added to SPoG, and you are currently logged into the new web interface of the same Secure Email and Web Manager, then you will be logged out due to a change in the flow of JWT validation.

Message Tracking – Remediation Action Changes.

• Before this release, you could enter az, AZ, 0-9, and any special characters for the Remediation Batch Name and Description fields in the Confirm Remediation dialog box.
• From this release onwards, you can only enter az, AZ, 0-9, _, -, and spaces for the Remediation Batch Name and Description fields in the Confirm Remediation dialog box. Any other special characters are not allowed.

Syslog disk buffer size configuration changes.

• Before this release, the maximum syslog disk buffer size allowed for syslog push log subscription was 10GB.
• From this release onwards, the maximum syslog disk buffer size allowed for syslog push log subscription is 1GB.

[Applicable for AsyncOS upgrade only]: During the upgrade, the system automatically reduces the maximum disk buffer size value to 1GB if the existing configured value is more than 1 GB before the upgrade.