Actualización Ironport 7.6.2-014 a 7.6.3-019

Otra actualización mas para el bote, de la versión 7.6.2-014 a la 7.6.3-019. Instalada sin problemas.


La lista de mejoras se puede ver http://www.cisco.com/en/US/docs/security/esa/esa7.6/ESA_7.6.3_Release_Notes.pdf

La lista de errores corregidos:

CSCuf33132 ‘Use SenderBase for Flow Control’ not Rate Limiting as expected: Rate limiting is applied to each IP address instead of the full subnet. This results in the ESA accepting more emails than expected for the rate limiting settings. This issue occurs when ‘Use SenderBase for Flow Control’ is selected as the Flow Control
method on AsyncOS 7.6 or later.

CSCzv15209 SenderBase Reputation Service unable to retrieve data Reputation engine restarts giving out “SBRS unable to retrieve” errors: This issue occurs with very high incoming connection rate leaving the mail processing engine in a state where every connection gets an “SBRS unable to retrieve.”

CSCzv15563 Sophos engine get expired after upgrade Upgrade to latest AsyncOS which is having Expired Sophos engine will alert the user stating that it is expired: This issue occurs when user upgrades to latest available AsyncOS which has Expired Sophos Engine. An alert will be sent to user stating that the Sophos engine is expired

CSCzv44971 DLP errors when certain content blades are enabled on custom policies: Customer may see slow outgoing mail flow and the following text within the mail logs: Warning: MID ###### ‘(no name)’ DLP content scanning failed (unknown error). This issue occurs when you have a custom DLP Policy that is using one of the following content blades that requires additional information:
• Group Insurance Numbers
• Health Plan Beneficiary Numbers
• Mergers and Acquisitions Codenames
• Patient Identification Numbers
• Custom Accounts
• US Personal Identification Information
• Medical Record Numbers
• Confidential Documents
• Student Identification Numbers

CSCzv50755 External Auth against Cisco ACS stopped working after upgrading External user authentication against Cisco ACS: stopped working after upgrade of AsyncOS from 7.5.1-102 to 7.6.1-022 version.

CSCzv77030 High connection rates result in no SBRS scores
SBRS scores are not retrievable due to high connection rates with high latency DNS responses
: High number of incoming mail connections results in the mail flow engine not getting Sender Base Reputation Scores.

CSCzv81113 Domain Profiles UI displays error on page and displays extra options Domain Profiles UI displays error on page and displays extra options in Internet Explorer 8 in comparing to Firefox version 3.6.13: This issue is applicable only for
Internet Explorer 8 on Windows 7.

CSCzv81592 Using “Australia Business and Company Numbers” causes DLP to stop functioning DLP stops functioning and scan messages when use “Australia Business and Company Numbers” DLP policy.

CSCzv25573 IronPort Spam Quarantine (ISQ) Denial of Service Vulnerability: A vulnerability in the Cisco IronPort Email Security appliance that could have allowed an unauthenticated, remote attacker to cause multiple critical processes to become unresponsive, resulting in a denial of service condition.

For more information on the vulnerability, see the Cisco security advisory at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-esa.

CSCzv44633 Web Framework Authenticated Command Injection Vulnerability: A vulnerability in the Cisco IronPort Email Security appliance that could have allowed an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with elevated privileges.
For more information on the vulnerability, see the Cisco security advisory at
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-esa.

CSCzv63329 Management Graphical User Interface Denial of Service Vulnerability: A vulnerability in the Cisco IronPort Email Security appliance that could have allowed an unauthenticated, remote attacker to cause multiple critical processes to become unresponsive, resulting in a denial of service condition.
For more information on the vulnerability, see the Cisco security advisory at
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-esa.

Y una feature nueva que va a hacer que mas de uno se muera del susto …

New Feature: IPv6 Support
AsyncOS 7.6 adds Internet Protocol Version 6 (IPv6) address compatibility to your Email Security
appliance. You can use both IPv4 and IPv6 addresses for your appliance’s IP interfaces. IPv6 addresses
are also an option for the following features:
• Gateways (default routers) and static routes.
• SMTP routes.
• SMTP Call Ahead.
• Trace.
• Senders for Host Access Tables.
• Recipients for Recipient Access Tables.
• Content Filter’s Remote IP condition and Send to Alternate Destination Host action.
• Destination Controls, where you can specify whether IPv4 or IPv6 addresses are preferred.
• Outbreak Filters’ Bypass Domain Scanning field.
• Report searches.
AsyncOS supports the following formats for IPv6 addresses:
• 2620:101:2004:4202::0-2620:101:2004:4202::ff
• 2620:101:2004:4202::
• 2620:101:2004:4202::23
• 2620:101:2004:4202::/64

¿Alguna vez veremos el ipv6 funcionar en producción?

Comments are closed.