What's New in AsyncOS 13.5.2
Feature |
Description |
||
---|---|---|---|
Cisco SecureX Integration |
Cisco Email Security appliance now supports integration with Cisco SecureX. Cisco SecureX is a security platform embedded with every Cisco security product. The integration of the Email Security appliance with Cisco SecureX delivers measurable insights, desirable outcomes, and unparalleled cross-team collaboration. Cisco SecureX unifies visibility of security infrastructure, enables automation, accelerates incident response workflows, and improves threat detection. The distributed capabilities of Cisco SecureX are available in the form of applications (apps) and tools in the Cisco SecureX Ribbon. For more information, see Integrating with Cisco SecureX Threat Response. You can also access the “Integrate Cisco Email Security Gateway with Cisco SecureX or Cisco Threat Response” walkthrough by clicking the How-Tos widget on the web interface of your appliance. |
||
Configuring Custom SMTP Helo for SMTP Conversation |
A new option is added in the You can use the new CLI option to modify the default interface hostname used for the SMTP Helo. |
||
New Cisco Talos Email Status Portal |
The Cisco Talos Email Status Portal replaces the legacy Cisco Email Submission and Tracking Portal. The Cisco Talos Email Status Portal is a web-based tool for monitoring the status of email submissions from end-users.
|
||
Enhancement to Messages with File Analysis Pending functionality |
A new option - Drop Message Attachments while File Analysis Verdict Pending is added under Messages with File Analysis Pending section (Mail Policies > Incoming Mail Policies and click the link in the Advanced Malware Protection column of the mail policy to modify. Now, you can choose whether to drop attachments in case of any file analysis verdict pending while delivering the final message from the appliance. The default option is ‘No’. If you set the option as ‘Yes’, the Processing Details section of the Message Tracking (Monitor >Message Tracking) displays the details related to the message attachments dropped when the file analysis verdict is pending. The Mail logs also display the log details of the message attachments dropped when the file analysis verdict is pending based on the configured AMP policy.’ You can also enable this option using the For more information, see File Reputation Filtering and File Analysis. |
||
Enhancement for Request Retry Method of File Reputation Service: |
You can now set the reputation query timeout value within the range of 20–30 seconds while configuring the file reputation and analysis services (Security Services > File Reputation and Analysis). The default value is 20, which is the minimum value. During the configured query timeout, the appliance sends the file reputation queries to the AMP server. If the appliance fails to receive response from the AMP server, it retries by sending the query again to the AMP server. The query timeout includes the time taken for the first query request and the retry request. The retry method enables the appliance to receive responses when there are network latencies, issues related to the AMP server, and so on. |
||
Configuring Email Gateway to consume SecureX Threat Response Feeds |
You can configure your email gateway to consume threat feeds from the Cisco SecureX Threat Response portal. The Cisco SecureX Threat Response portal allows you to create custom feeds for the continuous gathering of observables and to consume them in your email gateway using the feed URL. A feed is a simple list of observables in JSON format. The feeds are created and managed in the Intelligence > Feeds page in the SecureX Threat Response portal. For more information, see Configuring Email Gateway to Consume External Threat Feeds. |