What's New in AsyncOS 15.5.1
Feature |
Description |
||||||
---|---|---|---|---|---|---|---|
Identifying Messages that Violate End-Of-Message RFC Standard |
Your email gateway now identifies and filters the messages that violate the end-of-message RFC standard (that is, <CRLF.CRLF>) to detect threats. When email gateway receives a message with an invalid end-of-message sequence, it adds an X-Ironport-Invalid-End-Of-Message Extension Header (X-Header) to all message IDs (MIDs) within that connection until a message that complies with the end-of-message RFC standard is received. You can configure policies in content filters to perform necessary actions on these messages. For more information on configuring the CR and LF Handling field, see Listening for Connection Requests by Creating a Listener Using Web Interface. |
||||||
Monitoring Vault Service and Sending Alerts |
Your email gateway now monitors the Vault service and keeps track of its status, whether it is initialized or not. It also sends appropriate alert messages and logs status information into error_logs. You can access the alert logs using one of the following ways:
If the Vault service fails to initialize due to any issues, you receive alert messages (in the mail, on the web interface, and in the CLI) to indicate that the Vault service is down, and you have to execute the Vault Recovery process to restore the Vault service.
You will receive alert messages in the following scenarios:
To restore the Vault service, you have to execute the Vault Recovery process.
For more information on how to save the email gateway’s configuration, see Saving Email Gateway's Configuration section in the Release Notes. For information on how to execute the Vault Recovery process, see Executing Vault Recovery Process to Resolve Vault Issues section in the Release Notes. |
||||||
Restarting API Server through CLI |
You can now restart the API server using a new CLI subcommand - For more information on the |
||||||
Configuring Threat Scanner for Threat Detection |
In the AsyncOS 15.0 release, the Threat Scanner feature was introduced to detect threats on incoming messages. In this release, you could not directly configure Threat Scanner to detect threats and it was configured in the back end. From this release onwards, you can configure Threat Scanner to detect incoming threats on your email gateway. You can enable or disable Threat Scanner for each incoming mail policy. When you enable Threat Scanner, it scans the incoming messages and influences the Anti-Spam verdict. Prerequisite: You must enable Graymail Global Settings to enable Threat Scanner. You can configure Threat Scanner per policy in the following ways:
Install and Upgrade Scenarios When you install or upgrade your email gateway from AsyncOS 15.0 or earlier versions to AsyncOS 15.5.1 release, Threat Scanner will be disabled by default. For more information, see Defining Anti-Spam Policies. |
||||||
Including Additional Attributes for Improved Efficacy of SDR Service |
Your email gateway now includes the Additional Attributes (Display name and the complete email address - Username, and Domain) by default as part of telemetry data sent to Cisco TAC for reputation analysis to enhance the efficacy of the Sender Domain Reputation (SDR) service. When the administrator logs into the email gateway, you will receive a warning message informing that the Include Additional Attributes option in SDR is enabled by default so that telemetry data includes the processing of personal data.
If you want to disable the Include Additional Attributes option:
For more information, see Enabling Sender Domain Reputation Filtering on Email Gateway. |
||||||
Support of Large Key Size Values for DKIM Verification |
You can select the new, large key size values for DKIM verification in the following ways:
|
||||||
No Support for 512 and 768 Key Size Values in New DKIM Verification profile |
From this release onwards, the 512 and 768 key bits size values are no longer supported when you create a new DKIM verification profile.
|
||||||
TLS 1.3 Support for SSL Services |
You can now configure TLS 1.3 for the following TLS services in your email gateway:
The email gateway only supports the following TLS ciphers when you configure TLS 1.3 for the “GUI HTTPS,” “Inbound SMTP,” and “Outbound SMTP” TLS services:
|
||||||
Obtaining File Hash Lists, RAT, and SMTP Routes, Save and Load Configuration, Address List, and Incoming Mail Policy Users Information using AsyncOS APIs |
You can now obtain information about File Hash Lists, Recipient Access Table (RAT) entries, SMTP routes, Save and Load Configuration, Address List, and Incoming Mail Policy Users in your email gateway using AsyncOS APIs. For more information, see the “Configuration APIs” section of the AsyncOS 15.5.1 API for Cisco Secure Email Cloud Gateway - Getting Started Guide. |
||||||
Enforcing TLS for Outgoing Messages at Sender or Recipient Level |
The existing Destination Controls configuration allows you to override the TLS modes (such as TLS Mandatory, TLS Preferred, and so on) on a per-domain basis. If you need to enforce TLS for outgoing messages based on additional conditions such as – senders, recipients, and so on,
you can now use the You can configure the "Content Filter – Add/Edit Header" action to add the |
||||||
Synchronizing Configuration Changes between Machines in Different Clusters Simultaneously |
You can synchronize configuration changes made to a logged-in machine in one cluster to all machines in a remote cluster simultaneously. The synchronization process occurs only when both clusters are in the same or different data centers of the same region.
To enable this feature, contact your Cisco account manager. Prerequisite: Before you request your Cisco account manager to enable this feature, ensure the configuration is the same in all machines across the clusters.
|
||||||
Configure Threat Defense Connector for individual incoming mail policies. |
You can now configure Threat Defense Connector for each incoming mail policies and also use separate message intake addresses for each mail policy. To use this feature, you must have configured and enabled the Threat Defense Connector in your Secure Email Gateway. Go to Mail Policies > Incoming Mail Policies to enable or disable Threat Defense Connector for individual mail policy. For more information, see Integrating Secure Email Gateway with Threat Defense. |
||||||
Scanning Password-Protected Attachments in Messages |
You can configure the Content Scanner in your email gateway to scan the contents of password-protected attachments in incoming or outgoing messages. The ability to scan password-protected message attachments in the email gateway helps an organization to:
The following languages are supported for this feature - English, Italian, Portuguese, Spanish, German, French, Japanese, and Korean. For more information, see Using Message Filters to Enforce Email Policies. |
||||||
Region-based Polling for URL Retrospective Service |
You can configure the URL Retrospective Service region to which the Secure Email Cloud Gateway connects for verdict updates. The Secure Email Cloud Gateway ESA can update the Retrospective Service regions and associated end-point URLs. For more information, see Setting Up URL Filtering. |
||||||
File Analysis Server Region Enhancement |
From this release onwards, the File Analysis Server region supports two new regions - Australia and Canada. You can configure File Analysis Server region in the following ways:
For more information, see Enabling and Configuring File Reputation and Analysis Services. |