Managing Your Virtual Appliance

The Virtual Appliance License


Note

You cannot open a Technical Support tunnel before installing the virtual appliance license. Information about Technical Support tunnels is in the User Guide for your AsyncOS release.

The Cisco Content Security virtual appliance requires an additional license to run the virtual appliance on a host. You can use this license for multiple, cloned virtual appliances.

For Cisco Secure Email Gateway and Cisco Secure Web virtual appliances:

  • Feature keys for individual features can have different expiration dates.

  • After the virtual appliance license expires, the appliance will continue to serve as an SMTP proxy (Cisco Secure Email Gateway), web proxy (Cisco Secure Web Appliance), or automatically handle quarantined messages (Secure Email and Web Manager) without security services for 180 days. Security services are not updated during this period. On the Content Security Management appliance, administrators and end users cannot manage quarantines, but the management appliance continues to accept quarantined messages from managed Secure Email Gateway appliances, and scheduled deletion of quarantined messages will occur.


Note

For information about the impact of reverting the AsyncOS version, see the online help or user guide for your AsyncOS release.

Powering Off a Virtual Appliance

Force reset, power off, and reset options are not fully supported. You can terminate or stop the instance running the Secure Email Gateway, Secure Web or Secure Email and Web Manager virtual appliance.

CLI Commands on the Virtual Appliance

The following are the CLI command changes for virtual appliances:

Command

Supported on Virtual Secure Email Gateway

Supported on Virtual Secure Web Appliance?

Supported on Virtual Secure Email and Web Manager?

Information

loadlicense

Yes

Yes

Yes

This command allows you to install a license for your virtual appliance. You cannot run System Setup Wizard on the virtual appliance without installing a license using this command first.

etherconfig

Yes

Yes

The Pairing option is not included on virtual appliances.

version

Yes

Yes

This command will return all the information about the virtual appliance except for the UDI, RAID, and BMC information.

resetconfig

Yes

Yes

Running this command leaves the virtual appliance license and the feature keys on the appliance.

revert

Yes

Yes

Behavior is described in the System Administration chapter in the online help and user guide for your appliance.

reload

Yes

Yes

Running this command removes the virtual appliance license and all the feature keys on the appliance. This command is available only for Secure Web Appliance.

diagnostic

Yes

Yes

The following diagnostic > raid sub-menu options will not return information:

1. Run disk verify

2. Monitor tasks in progress

3. Display disk verify verdict

This command is only available for Secure Web Appliance.

showlicense

Yes

Yes

Yes

View license details.

For virtual Cisco Secure Web appliances, additional information is available via the featurekey command.

SNMP on the Virtual Appliance

AsyncOS on virtual appliances will not report any hardware-related information and no hardware-related traps will be generated. The following information will be omitted from queries:

  • powerSupplyTable

  • temperatureTable

  • fanTable

  • raidEvents

  • raidTable

Getting Support for Virtual Appliances


Note

To get support for virtual appliances, call Cisco TAC and have your Virtual License Number (VLN) number ready.

If you file a support case for a Cisco Content Security virtual appliance, you must provide your contract number and your Product Identifier code (PID).

You can identify your PID based on the software licenses running on your virtual appliance, by referencing your purchase order, or from the following lists:

Product Identifier Codes (PIDs) for Cisco Secure Email Gateway Virtual Appliances

Functionality

PID

Description

Cisco Secure Email

CSEMAIL-SEC-SUB

A Cisco Secure Email software subscription license that can be deployed on-premises, cloud or hybrid.

This Stock Keeping Unit (SKU) only allows prepaid and annual billing options.

Essential

Includes:

  • Anti-spam filtering

  • Outbreak Filtering

  • Sophos Anti-Virus filtering

  • Cisco Secure Email Malware

    Defense - includes reputation and Cisco Threat Grid sandboxing capabilities

Advantage

Includes:

  • All Essential features

  • Cisco Secure Email Encryption Service

  • Cisco Data Loss Protection (DLP)

Premier

Includes:

  • All Advantage features

  • Cisco Secure Awareness Training

Add-on - Intelligence Multiscan

Provides additional antispam classification capabilities by combining the results of the multiple antis-pam classifiers with the Cisco IPAS classifier in the Inbound and Premium Bundles. It increases the spam catch rate at the possible expense of a greater number of false positives.

Add-on: Graymail Safe Unsubscribe

Allows users who receive legitimate marketing emails to unsubscribe safely through a third party.

Add-on: McAfee Anti-Malware

Provides additional anti-virus protection as an add-on to the Sophos Anti-Virus engine that comes with the Inbound and Premium Bundles.

Add-on: Image Analyzer

Provides scanning for adult content in images contained in emails, often deployed along with DLP to implement acceptable user policies.

Centralized Email Management

SMA-EMGT-LIC

All centralized Secure Email functionality.

Product Identifier Codes (PIDs) for Cisco Secure Web Virtual Appliances

Functionality

PID

Description

Cisco Secure Web

WEB-SEC-SUB

Cisco Web Security Unified SKU

Web Security Essentials

WSA-WSE-LIC

Includes:

  • Web Usage Controls

  • Web Reputation

Web Security Advantage

WSA-WSP-LIC

Includes:

  • Essentials feature

  • Sophos and Webroot Anti-Malware signatures

Web Security Premier

WSA-WSS-LIC

Includes:

  • Advantage feature

  • Cisco Advanced Malware Protection

  • Cisco Cognitive Threat Analytics

  • Cisco Threat Grid

McAfee Anti-Malware

WSA-AMM-LIC

Advanced Malware Protection

WSA-AMP-LIC

SMA Centralized Web Management

SMA-WMGT-LIC

All centralized Secure Web functionality.

SMA Add-On: Advanced Reporting - Higher Data Tier

SMA-WSPL-HIGH-LIC

SMA Add-On: Advanced Reporting - Lower Data Tier

SMA-WSPL-LOW-LIC