Introduction

This chapter contains the following sections:

What's New in this Release

This section describes the new features and enhancements in this release of AsyncOS for Cisco Content Security Management. For more information about the release, see the product release notes, which are available at the following URL:

http://www.cisco.com/c/en/us/support/security/content-security-management-appliance/tsd-products-support-series-home.html.

If you are upgrading, you should also review release notes for other releases between your former release and this release, in order to see the features and enhancements that were added in those releases.

Table 1. What's New in AsyncOS 12.5

Feature

Description

Support for new hardware models

The AsyncOS 12.5.0 release for Cisco Content Security Management appliance supports the following hardware models:

  • M195

  • M395

  • M695

  • M695F

For details, see https://www.cisco.com/c/en/us/products/collateral/security/content-security-m%20anagement-appliance/datasheet_C78-721194.html

Managing Multiple Subset of Configuration Masters

You can now configure subsets of a particular version of the Configuration Master to centrally manage the different policy configurations of your Web Security appliance.

For more information, see Managing Web Security Appliances.

Performing Threat Analysis using Casebooks

The Cisco Content Security Management appliance now includes the casebook and pivot menu widgets.

Note 

If you are using the Microsoft Internet Explorer browser to access your appliance, you will not be able to use the casebook widget.

You can perform the following actions in your appliance using the casebook and pivot menu widgets:

  • Add an observable to a casebook to investigate for threat analysis.

  • Pivot an observable to a new case, an existing case, or other devices registered in the Cisco Threat Response portal (for example, AMP for Endpoints, Cisco Umbrella, Cisco Talos Intelligence, and so on) to investigate for threat analysis.

For more information, see Integrating with Cisco Threat Response Portal.

Ability to choose Cisco Threat Response server when registering appliance with Cisco Threat Response portal

When registering your appliance with the Cisco Threat Response portal, you can now choose a Cisco Threat Response server to connect your appliance to the Cisco Threat Response portal.

The following are the Cisco Threat Response servers that are supported for this release:

  • AMERICAS (api-sse.cisco.com)

  • EUROPE (api.eu.sse.itd.cisco.com)

For more information, see Integrating with Cisco Threat Response Portal.

My Reports page on the New Web Interface

You can create a custom report page by assembling charts (graphs) and tables from all your existing email security reports on the new web interface of your appliance.

For more information, see Working With Reports on the New Web Interface.

Configuring Policy, Virus and Outbreak Quarantine on the New Web Interface

You can now configure Policy, Virus or Outbreak Quarantine from the new web interface of your appliance.

For more information, see Centralized Policy, Virus, and Outbreak Quarantines.

Managing APIs using Swagger UI

Swagger is a set of open-source tools built around the OpenAPI Specification.

Swagger UI helps you to design and manage AsyncOS API resources on a web interface.

For more information, see Setup, Installation, and Basic Configuration

Monitoring Web Usage Analytics

You can enable or disable your website usage or activity from being sent for statistical analysis.

For more information, see Common Administrative Tasks.

Cisco Content Security Management Overview

AsyncOS for Cisco Content Security Management incorporates the following features:

  • External Spam Quarantine:Hold spam and suspected spam messages for end users, and allow end users and administrators to review messages that are flagged as spam before making a final determination.

  • Centralized Policy, Virus, and Outbreak Quarantines: Provide a single interface for managing these quarantines and the messages quarantined in them from multiple Email Security appliances. Allows you to store quarantined messages behind the firewall.

  • Centralized reporting: Run reports on aggregated data from multiple Email and Web Security appliances. The same reporting features available on individual appliances are available on Security Management appliances.

  • Centralized tracking: Use a single interface to track email messages and web transactions that were processed by multiple Email and Web Security appliances.

  • Centralized Configuration Management for Web Security appliances: For simplicity and consistency, manage policy definition and policy deployment for multiple Web Security appliances.


    Note
    The Security Management appliance is not involved in centralized email management, or ‘clustering’ of Email Security appliances.

  • Centralized Upgrade Management: You can simultaneously upgrade multiple Web Security appliances (WSAs) using a single Security Management Appliance (SMA).

  • Backup of data: Back up the data on your Security Management appliance, including reporting and tracking data, quarantined messages, and lists of safe and blocked senders.

You can coordinate your security operations from a single Security Management appliance or spread the load across multiple appliances.