What's New in AsyncOS 14.0
Feature |
Description |
||
---|---|---|---|
Integrating the Cisco Secure Email Gateway with Cisco Secure Awareness Cloud Service |
The Cisco Secure Awareness cloud service allows you to effectively deploy phishing simulations, awareness training, or both to measure and report results. It empowers the security operations team to focus on real-time threats and not end-user mitigation. The Cisco Secure Awareness cloud service provides reports of Repeat Clickers - users who repeatedly click on any URL or attachment sent through emails. These users are identified via a phishing simulation campaign defined by the Cisco Secure Awareness cloud service. The ability to integrate your email gateway with the Cisco Secure Awareness cloud service helps an organization to:
For more information, see Integrating Email Gateway with Cisco Secure Awareness Cloud Service. |
||
Improved Phishing Detection in Email Gateway |
The following are the enhancements made to improve phishing detection in your email gateway:
Sender Domain Reputation Filtering Enhancement: You can configure your email gateway to block messages based on the SDR (Sender Domain Reputation) verdict at the SMTP conversation level. You can enable or disable SDR verification using the Mail Flow Policy configuration settings.
Default Scanning of URLs in Message Attachments: By default, the email gateway scans URLs in message attachments for any malicious content early in the email pipeline (before the Anti-Spam engine).
For more information, see Sender Domain Reputation Filtering and Defining Which Hosts Are Allowed to Connect Using the Host Access Table. |
||
Scanning Password-Protected Attachments in Messages |
You can configure the Content Scanner in your email gateway to scan the contents of password-protected attachments in incoming or outgoing messages. The ability to scan password-protected message attachments in the email gateway helps an organization to:
The following languages are supported for this feature - English, Italian, Portuguese, Spanish, German, and French.
For more information, see Using Message Filters to Enforce Email Policies. |
||
Simple Network Management Protocol (SNMP) Enhancementss |
The following are the enhancements made to the SNMP configuration settings:
For more information, see Managing and Monitoring Using the CLI . |
||
New Report for mail policy details |
A new report – Mail Policy Details is added in the new web interface of your email gateway. Use this report to view the number of messages that match a configured mail policy. For more information, see Using Email Security Monitor. |
||
New Message Tracking Filter for mail policy details |
A new message tracking filter -Mail Policy is added in the Message Tracking > Advanced Search > Message Event option in the new web interface of your email gateway. Use this option to search for incoming or outgoing messages that match the configured mail policy name entered in the ‘Mail Policy Name’ field. |
||
Enhanced Overview and Incoming Mail reporting pages |
The following are the enhancements made to the Overview and Incoming Mail reporting pages in the legacy web interface of your email gateway: Overview report page:
Incoming Mail report page:
For more information, see Using Email Security Monitor. |
||
Enhanced Mail Flow Summary and Mail Flow Details reporting pages |
The following are the enhancements made to the Mail Flow Summary and Mail Flow Details reporting pages in the new web interface of your email gateway: Mail Flow Summary report page:
Mail Flow Details report page:
|
||
Support for Internationalized Domain Name (IDN) |
Cisco Secure Email Gateway can now receive and deliver messages with email addresses that contain IDN domains. Currently, your email gateway provides support of IDN domains for the following languages only:
For more information, see System Administration. |
||
Security Enhancements |
AsyncOS 14.0 includes the following security enhancements:
For more information, see the CLI Reference Guide associated with this release. |
||
New Remediation Report Status Widget |
A new widget - ’Remediation Report Status’ is added when you search and remediate messages in the Message Tracking page of the new web interface of your email gateway. Use this widget to check the status of the Remediation Report generation. For more information, see Remediating Messages in Mailboxes |
||
Support for New Content Matching Classifiers - National Identification Numbers for Southeast Asian countries |
You can create a DLP policy using any one of the following new content matching classifiers - National Identification Numbers for Southeast Asian countries:
You can select the new content matching classifiers in the following pages of the web interface in your email gateway:
|
||
Bias-Free Terminology Usage in Product and Related Documentation |
We have removed the bias terms in the product and related documentation. The following are the list of bias terms replaced with the new bias-free terms:
|
||
Rebranded Product and Related Documentation |
|
||
AMP Upstream Proxy Settings for File Analysis |
You can now configure an upstream proxy for file analysis. For more information, see File Reputation Filtering and File Analysis |
||
Performing Remedial Actions on Messages in Cisco SecureX Threat Response |
In Cisco SecureX Threat Response, you can now investigate and apply the following remedial actions on messages processed by your email gateway:
For more information, see Integrating with Cisco SecureX Threat Response |
||
Content Filter - Attachment File Info condition and Strip by Attachment File Info action Enhancements |
A new option - File Hash List is added in the Content Filters - “Attachment File Info” condition and “Strip by Attachment File Info” action. Use this option to configure a content filter to take action on message attachments that match a specific file SHA-256 value in the selected file hash list.
For more information, see Content Filters and Using Message Filters to Enforce Email Policies. |
||
Smart Software Licensing Enhancements |
AsyncOS 14.0 includes the following smart software licensing enhancements:
For more information, see System Administration and Integrating with Cisco SecureX Threat Response. |
||
No Support for Sender Domain Age functionality post AsyncOS 14.0 Release |
There will be no support for the Sender Domain Age functionality post the AsyncOS 14.0 release. The Sender Domain Age functionality will be replaced with the Sender Maturity feature. Sender Maturity represents the Cisco Talos view of how mature a domain is as an email sender. The maturity value is tuned to enable threat detection regarding emails and generally does not reflect the domain age represented in “Whois-based domain age.” Sender Maturity is set to a limit of 90 days, and beyond this limit, a domain is considered mature as an email sender, and no further details is provided. Sender Maturity is used to calculate the sender reputation. Immature domains are assigned lower reputation. Cisco Talos recommends you rely on sender reputation only for determining policy actions. Sender Maturity is exposed to fine-tune filters for specific, non-standard scenarios.
|
||
Alert or Notification Banner for End-of-Life (EOL) or End-of-Service (EOS) AsyncOS Version or Hardware Model |
You will now receive an alert or notification banner message on your email gateway web interface or CLI, if your email gateway is running on an End-of-Life (EOL) or End-of-Service (EOS) AsyncOS version or hardware model. |
||
Office 365 or Hybrid (Graph API) Remediation Account Profile Configuration Enhancement |
You can now validate the client credentials for the Office 365 or Hybrid (Graph API) remediation account profile using the Client Secret value of the application generated on the Azure Management Portal. For more information, see Remediating Messages in Mailboxes . |
||
Virtual Email Gateway Support for Amazon Web Services (AWS) |
You can deploy Cisco Secure Email Virtual Gateway on Amazon Elastic Compute Cloud (EC2) on Amazon Web Services (AWS). Contact your Cisco sales representative with your AWS account details (username and region) to provision an AMI image. |
||
Consolidated Event Logs Enhancement |
Following are the enhancements made to the 'Consolidated Event Logs' log type:
|
||
Support for Cloud Connector Logging |
The email gateway now supports a new type of log subscription - Cloud Connector Logs. Use this log subscription to view information about Web Interaction Tracking data from Cisco Aggregator Server. Most of the information is present at the Info or Warning Level |
||
Enhancement for Request Retry Method of File Reputation Service |
You can now set the reputation query timeout value within the range of 20–30 seconds while configuring the file reputation and analysis services (Security Services > File Reputation and Analysis). The default value is 20, which is the minimum value. During the configured query timeout, the email gateway sends the file reputation queries to the AMP server. If the email gateway fails to receive response from the AMP server, it retries by sending the query again to the AMP server. The query timeout includes the time taken for the first query request and the retry request. The retry method enables the email gateway to receive responses when there are network latencies, issues related to the AMP server, and so on. |
||
New Cisco Talos Email Status Portal |
The Cisco Talos Email Status Portal replaces the legacy Cisco Email Submission and Tracking Portal. The Cisco Talos Email Status Portal is a web-based tool for monitoring the status of email submissions from end-users.
|
||
Authentication Logs Enhancement |
You can now view the user privilege role details (for example, ‘admin,’, ‘operator,’ and so on) of the logged-in user in the authentication logs. |
||
New Passphrase Rule for defining login passphrases |
A new passphrase rule is added in your email gateway to define your login passphrase:
You can configure this passphrase rule in any one of the following ways:
|
||
Creating system-generated passphrases |
In addition to creating a login passphrase manually, you can now also create a system-generated passphrase to log in to your email gateway. You can configure the system-generated passphrase in any one of the following ways:
For more information, see Setup and Installation. |
||
Performing FQDN Validation for Certificates |
You can configure your email gateway to perform FQDN validation for certificates in the following scenarios:
For more information, see S/MIME Security Services and Encrypting Communication with Other MTAs. |
||
Performing FQDN Validation for Peer Certificate during SSL Communication |
You can configure your email gateway to perform FQDN validation for peer certificate in System Administration > SSL Configuration page in the web interface. The FQDN validation is applicable for the following services:
For more information, see System Administration. |
||
Performing x509 Validation for Peer Certificate during SSL Communication |
You can configure your email gateway to perform x509 validation for peer certificate in System Administration > SSL Configuration page in the web interface. The x509 validation is applicable for the following services:
For more information, see System Administration. |
||
Configuring Email Gateway to consume SecureX Threat Response Feeds |
You can configure your email gateway to consume threat feeds from the Cisco SecureX Threat Response portal. The Cisco SecureX Threat Response portal allows you to create custom feeds for the continuous gathering of observables and to consume them in your email gateway using the feed URL. A feed is a simple list of observables in JSON format. The feeds are created and managed in the Intelligence > Feeds page in the SecureX Threat Response portal. For more information, see Configuring Email Gateway to Consume External Threat Feeds. |