Download Cisco ESA AsyncOS 12.0/11.1.2 HP4

Spread the love

Cisco has released firmware updates for its Email Security Appliances, which are abbreviated to ESA. The technology comes from IronPort Systems, which was purchased by Cisco in 2007. Although that was more than a decade ago, you still hear the name IronPort for these appliances. For the supported upgrade paths, it is recommended to read the documentation or contact Cisco’s TAC† The firmwares are called 12.0 and 11.1.2 HP4 and have 12.0.0-419 and 11.1.2-802 as exact version numbers. The list of changes looks like this:

Release Notes for AsyncOS 12.0 for Cisco Email Security Appliances

What’s New In This Release

  • Ability to consume External Threat Feeds – You can now configure your Cisco Email Security appliance to consume external threat information in STIX format communicated over TAXII protocol.
  • Filtering Messages using Sender’s Domain Reputation – Cisco Sender Domain Reputation (SDR) is a cloud service that provides a reputation verdict for email messages based on a sender’s domain and other attributes. This domain-based reputation analysis enables a higher spam catch rate by looking beyond the reputation of shared IP addresses, hosting or infrastructure providers, and derives verdicts based on features associated with fully qualified domain names (FQDNs) and other sender information in the SMTP conversation and message headers.
  • Support for Cisco AMP Threat Grid Clustering for File Analysis
  • Configuring Threshold Settings for File Analysis – You can now set the upper threshold limit for the acceptable file analysis score. The files that are blocked based on the Threshold Settings are displayed as Custom Threshold in the Incoming Malware Threat Files section of the Advanced Malware Protection report.
  • Enhanced User Experience using How-Tos Widget – The How-Tos is a contextual widget that provides in-app assistance to users in the form of walkthroughs to accomplish complex tasks on your appliance. The following are the walkthroughs that are supported for this release:
    • Verifying Incoming Messages using DMARC
    • Verifying Incoming Messages using SPF/SIDF
    • Verifying Incoming Messages using DKIM
    • Enabling and Configuring Graymail Engine on the Email Security Gateway
    • Enabling and Configuring Outbreak Filters on the Email Security Gateway
    • Detecting macro-enabled attachments in messages
  • Viewing malicious messages based on the threat name – In Message Tracking, you can now search for incoming or outgoing messages detected as malicious by the AMP engine based on the threat name.
  • DNS-based Authentication of Named Entities (DANE) support for Outgoing TLS Connections – You can now securely send messages to a valid recipient domain by enabling DNS-based Authentication of Named Entities (DANE) for outgoing TLS connections on your appliance. The ability to securely send messages to a valid recipient domain helps an organization to ensure that business critical and confidential information is delivered to the intended recipient, provided the destination domain supports DANE.
  • Support for Smart Software Licensing – Smart Software Licensing enables you to manage and monitor Cisco Email Security appliance licenses seamlessly. To activate Smart Software licensing, you must register your appliance with Cisco Smart Software Manager (CSSM), which is the centralized database that maintains the licensing details of all the Cisco products that you purchase and use.
  • Forged Email Detection Enhancement – You can now create an exception list consisting of only full email addresses to bypass the Forged Email Detection content filter in MailPolicies > AddressLists. You can use this exception list in the Forged Email Detection rule if you want the appliance to skip email addresses from the configured content filter.
  • Log Subscription enhancement – You can use the Rate Limit option to configure the maximum number of logged events in the log file, within the specified time range (in seconds). The default time range value is 10 seconds. Use the System Administration > Log Subscriptions page in the web interface or the logconfig command in CLI to set the rate limit.
  • Configuring content and message filters to handle messages that skipped DMARC verification
  • Ability to view or delete Cisco Content Security Management appliance connection parameters and host keys – You can now view or delete the Cisco Content Security Management appliance connection parameters and host keys in your appliance by using the smaconfig CLI command

Changes in Behavior

  • Changes in bypassing DMARC verification of messages
  • Changes in using default passphrase for first login
  • Changes in configuring Domain Keys/DKIM Verification
  • Changes to the SMTP route configuration with the USEDNS keyword
  • Handling Unscannable Messages due to decoding errors found during URL Filtering actions
  • Changes in Demo Certificates
  • Changes in Threshold Value for Memory Page Swapping
  • Changes in Envelope Settings for Encrypted Messages

Release Notes for AsyncOS 11.1.2 Hot Patch 4 for Cisco Email Security Appliances

Use the Cisco Bug Search Tool to find information about known and fixed defects in this release.
Known Issues
Fixed Issues

Version number 12.0 / 11.1.2 HP4
Release status Final
Website Cisco
Download
License type Paid
You might also like