THIS FIELD NOTICE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTY OF MERCHANTABILITY. YOUR USE OF THE INFORMATION ON THE FIELD NOTICE OR MATERIALS LINKED FROM THE FIELD NOTICE IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS FIELD NOTICE AT ANY TIME.
| Affected Software Product | Affected Release | Affected Release Number | Comments |
|---|---|---|---|
| AsyncOS for WSA | 10 | 10.0.0, 10.0.0-142, 10.0.0-233, 10.1.0, 10.1.0-204, 10.1.0-270, 10.1.1, 10.1.1-235, 10.1.2, 10.1.2-036, 10.1.2-050, 10.1.3, 10.1.3-039, 10.1.3-054, 10.5.0, 10.5.0-358, 10.5.1, 10.5.1-270, 10.5.1-296, 10.5.1_LD, 10.5.1_LD-270, 10.5.2, 10.5.2-061, 10.5.2-072, 10.5.3, 10.5.6, 10.5.6-022, 10.6.0 | |
| AsyncOS for WSA | 11 | 11.0.0, 11.0.0-641, 11.5.1, 11.5.1-115, 11.5.1-124, 11.5.1-125, 11.5.3, 11.5.3-016, 11.7.0, 11.7.0-406, 11.7.0-418, 11.7.1, 11.7.1-006, 11.7.1-020, 11.7.1-049, 11.7.2, 11.7.2-011, 11.8.0, 11.8.0(refresh), 11.8.0(refresh)-429, 11.8.0-414, 11.8.0-429, 11.8.0-453, 11.8.0-453-453, 11.8.1, 11.8.1-023, 11.8.3, 11.8.3-018, 11.8.3-021, 11.8.4, 11.8.4-004 | |
| AsyncOS for WSA | 12 | 12.0.1, 12.0.1 GD, 12.0.1 GD-334, 12.0.1-268, 12.0.1-334, 12.0.2-004, 12.0.2-012, 12.0.3, 12.0.3-005, 12.0.3-007, 12.0.4, 12.0.4-002, 12.0.5-011, 12.5.1, 12.5.1 GD, 12.5.1 GD-043, 12.5.1-011, 12.5.1-043, 12.5.2, 12.5.2-007, 12.5.2-011, 12.5.3, 12.5.3-002, 12.5.4-005, 12.5.4-011, 12.5.5-004, 12.5.5-005, 12.5.5-008, 12.5.6-008 | |
| AsyncOS for WSA | 14 | 14.0.1 GD, 14.0.1 GD-053, 14.0.1 GD-503, 14.0.1 LD, 14.0.1 LD-014, 14.0.1 LD-040, 14.0.1-014, 14.0.1-040, 14.0.1-053, 14.0.1-503, 14.0.2 |
| Defect ID | Headline |
| CSCws20676 | End of support for AMP file reputation integrations using the legacy protocol in SWA |
Cisco is ending support for the legacy communication protocol that is used by Cisco Secure Web Appliance to interact with the Cisco Advanced Malware Protection (AMP) File Reputation service. The legacy protocol will be disabled by the end of April 2026. After this date, any Cisco Secure Web Appliance that is running a Cisco AsyncOS Software release that still uses the legacy protocol will fail to upload files to the AMP File Reputation service for reputation scoring.
Cisco is sunsetting support for AMP file reputation integrations (SHA lookups) that use the legacy protocol through libimcloud. Cisco Secure Web Appliance has incorporated the next-generation AMPKit APIs starting with Cisco AsyncOS Software releases 15.2.4 and 15.5. Migration to these newer APIs is necessary because the legacy protocol-based AMP file reputation integration will be discontinued.
Cisco Secure Web Appliance administrators who are subscribed to AMP alerts will observe communication warning alerts and binary scan error alerts related to the AMP File Reputation service. These alerts will appear in both the web UI and CLI interfaces.
To view alerts from the web UI, go to System Administrator > Alerts > View Top Alerts.
To view alerts from the CLI, use the displayalerts command.
To avoid disruption of the AMP File Reputation service, Cisco recommends upgrading your Cisco Secure Web Appliance to Cisco AsyncOS Software Release 15.2.4, 15.5, or later. These releases use the updated AMPKit APIs.
For instructions on how to upgrade, see the AsyncOS for Web Upgrades and Updates section in the Cisco Secure Web Appliance User Guide for detailed upgrade instructions.
To see the current Cisco AsyncOS Software release that is running on Cisco Secure Web Appliance:
| Version | Description | Section | Date |
| 1.0 | Initial Release | — | 2026-FEB-24 |
For further assistance or for more information about this field notice, contact the Cisco Technical Assistance Center (TAC) using one of the following methods:
To receive email updates about Field Notices (reliability and safety issues), Security Advisories (network security issues), and end-of-life announcements for specific Cisco products, set up a profile in My Notifications.
Unleash the Power of TAC's Virtual Assistance