Introduction

This chapter contains the following sections:

What’s New in This Release

This section describes the new features and enhancements in this release of AsyncOS for Cloud Email Security Management Console. For more information about the release, see the product release notes, which are available at the following URL:

http:/​/​www.cisco.com/​c/​en/​us/​support/​security/​content-security-management-appliance/​tsd-products-support-series-home.html

If you are upgrading, you should also review release notes for other releases between your former release and this release, in order to see the features and enhancements that were added in those releases.

Table 1 What's New in this Release

Feature

Description

New Web Interface for Reporting, Quarantine and Tracking

The appliance now has a new web interface to search and view:

To enable and configure reporting, message tracking, quarantines, network access, and monitor system status, you must access the legacy web interface. Click the gear icon on the Cloud Email Security Management Console, to navigate to the legacy web interface.

The legacy web interface opens in a new browser window and you must log in again to access it.

If you want to log out of the appliance completely, you need to log out of both the new and legacy web interfaces of your appliance.

Changes in Behavior

Change in Report Pages

The following reports are changed in this release:

  • Overview report page is renamed to Mail Flow Summary.

  • Outbreak Filters report page is renamed to Outbreak Filtering.

  • Virus Types report page is renamed to Virus Filtering.

  • Advanced Malware Protection, AMP File Analysis, AMP Verdict Updates and Mailbox Auto Remediation report pages are merged as Advanced Malware Protection.

  • Incoming Mail and Outgoing Senders report pages are merged as Mail Flow Details.

  • TLS Connections report page is renamed to TLS Encryption.

  • Geo-Distribution report page is renamed to Connection by Country.

  • Internal Users report page is renamed to User Mail Summary.

  • Web Interaction Tracking report page is renamed to Web Interaction.

For more information, see Understanding the Email Reporting Pages.

Changing the User's Password After Expiry

Users are prompted to change the password after the user account is expired. For more information, see Changing the User’s Password After Expiry.

Comparison of Web Interfaces, AsyncOS 11.4 vs. Previous Releases

The following table shows the comparison of the AsyncOS 11.4 web interface with the previous versions:

Table 2 Comparison of Web Interfaces - AsyncOS 11.4 vs. Previous Releases

Web Interface Page or Element

AsyncOS 11.4

Previous Releases

Landing Page

After you log in to the Cloud Email Security Management Console, the Mail Flow Summary page is displayed.

After you log in to the appliance, the System Status page is displayed.

Management Appliance Tab

Click on the Cloud Email Security Management Console to access the Management Appliance tab.

You can enable and configure reporting, message tracking and quarantines, as well as configure network access, and monitor system status.

My Reports Page

Click on the Cloud Email Security Management Console and choose Email > Reporting > My Reports to access the My Reports page.

You can customize your reports dashboard by assembling charts (graphs) and tables from existing report pages.

Reporting Data Availability Page

Click on the Cloud Email Security Management Console and choose Email > Reporting > Reporting Data Availability to access the Reporting Data Availability page.

You can view, update and sort data to provide real-time visibility into resource utilization and email traffic trouble spots.

Scheduling & Archiving Reports

Click on the Cloud Email Security Management Console and choose Email > Reporting > Scheduled Reports to schedule your reports.

Click on the Cloud Email Security Management Console and choose Email > Reporting > Archive Reports to archive your reports.

You can schedule reports using the Email > Reporting > Scheduled Reports page, and archive your reports using the Email > Reporting > Archived Report page of the Security Management appliance.

Reporting Overview Page

The Email Reporting Overview page on the Security Management appliance has been redesigned as Mail Flow Summary page in the new web interface. The Mail Flow Summary page includes trend graphs and summary tables for incoming and outgoing messages.

The Email Reporting Overview page on the Security Management appliance provides a synopsis of the email message activity from your Email Security appliances. The Overview page includes graphs and summary tables for the incoming and outgoing messages.

Report Drill-down

You cannot perform drill-down in reports in the new web interface.

You can perform a drill-down in the following reports:

  • Incoming Mail

  • Internal Users

  • Content Filters

  • Web Interaction Tracking

  • System Capacity

Advanced Malware Protection Report Pages

The following sections are available on the Advanced Malware Protection report page of the Reports menu:

  • Summary

  • AMP File Reputation

  • File Analysis

  • File Retrospection

  • Mailbox Auto Remediation

The Email > Reporting drop-down menu of the Security Management appliance has the following Advanced Malware Protection report pages:

  • Advanced Malware Protection

  • AMP File Analysis

  • AMP Verdict Updates

  • Mailbox Auto Remediation

Outbreak Filters Page

The Past Year Virus Outbreaks and Past Year Virus Outbreak Summary are not available in the Outbreak Filtering report page of the new web interface.

The Email > Reporting Outbreak Filters page displays the Past Year Virus Outbreaks and Past Year Virus Outbreak Summary.

Spam or End-User Quarantines

To access Spam Quarantine on the Cloud Email Security Management Console, click Quarantine > Spam Quarantine. The Spam Quarantine page is displayed in a new browser window.

-

Policy, Virus and Outbreak Quarantines

You can only view Policy, Virus and Outbreak Quarantines in the new web interface.

To configure or modify the policy, virus and outbreak quarantines on the Cloud Email Security Management Console, click Quarantine > Other Quarantine > View > +.

You can view, configure and modify the Policy, Virus and Outbreak Quarantines on the appliance.

Select All Action for Messages in Quarantine

You can select multiple (or all) messages and perform a message action such as delete, delay, release, move, etc.

You cannot select multiple messages to perform a message action.

Maximum Download Limit for Attachments

The maximum limit for downloading attachments of a quarantined message is restricted to 25 MB.

-

Message Details

Click on the Cloud Email Security Management Console and choose Email > Message Quarantine > Policy, Virus and Outbreak Quarantine to track quarantined messages.

You can perform message tracking of quarantined messages using the Message Details section of the quarantines.

Rejected Connections

To search for rejected connections, click Tracking > Search > Rejected Connection tab on the Cloud Email Security Management Console.

-

Query Settings

The Query Settings field of the Message Tracking feature is not available on the Cloud Email Security Management Console.

You can set the query timeout in the Query Settings field of the Message Tracking feature.

Message Tracking Data Availability

Click on the Cloud Email Security Management Console and choose Email > Message Tracking > Message Tracking Data Availability to access Message Tracking Data Availability page.

You can view the missing-data intervals for your appliance.

Show Additional Details of Messages

You can view additional details of a message such as Verdict Charts, Last State, Sender Groups, Sender IP, SBRS Score and Policy Match details.

-

Verdict Charts and Last State Verdicts

Verdict Chart displays information of the various possible verdicts triggered by each engine in your appliance.

Last State of the message determines the final verdict triggered after all the possible verdicts of the engine.

Verdict Charts and Last State Verdicts of the messages are not available.

Message Attachments and Host Names in Message Details

Message attachments and host names are not displayed in the Message Details section of the message on the Cloud Email Security Management Console

Message attachments and host names are displayed in the Message Details section of the message.

Sender Groups, Sender IP, SBRS Score and Policy Match in Message Details

Sender Groups, Sender IP, SBRS Score, and Policy Match details of the message is displayed in the Message Details section, on the Cloud Email Security Management Console.

Sender Groups, Sender IP, SBRS Score, and Policy Match of the message is not available in the Message Details section of the message.

Direction of the Message (Incoming or Outgoing)

Direction of the message (incoming or outgoing) is displayed in the message tracking results page, on the Cloud Email Security Management Console.

Direction of the message (incoming or outgoing) is not displayed in the message tracking results page.

Cisco Content Security Management Overview

AsyncOS for Cisco Content Security Management incorporates the following features:

  • External Spam Quarantine:Hold spam and suspected spam messages for end users, and allow end users and administrators to review messages that are flagged as spam before making a final determination.
  • Centralized Policy, Virus, and Outbreak Quarantines: Provide a single interface for managing these quarantines and the messages quarantined in them from multiple Email Security appliances. Allows you to store quarantined messages behind the firewall.
  • Centralized reporting: Run reports on aggregated data from multiple Email Security appliances. The same reporting features available on individual appliances are available on Security Management appliances.
  • Centralized tracking: Use a single interface to track email messages that were processed by multiple Email Security appliances.
  • Backup of data: Back up the data on your Security Management appliance, including reporting and tracking data, quarantined messages, and lists of safe and blocked senders.

You can coordinate your security operations from a single Security Management appliance or spread the load across multiple appliances.