Introduction to Cisco Secure Workload SaaS, Release 3.10.2.11
The Cisco Secure Workload platform, formerly branded as Cisco Tetration, is designed to provide comprehensive workload security by establishing a micro perimeter around every workload. The micro perimeter is available across your on-premises and multicloud environment using firewall and segmentation, compliance and vulnerability tracking, behavior-based anomaly detection, and workload isolation. The platform uses advanced analytics and algorithmic approaches to offer these capabilities.
This document describes the features, bug fixes, and behavior changes, if any, in Cisco Secure Workload, Release 3.10.2.11.
New Software Features in Cisco Secure Workload, Release 3.10.2.11
|
Feature Name |
Description |
||
|---|---|---|---|
|
Platform Integration |
|||
|
Secure Cloud Control Integration |
Cisco Security Cloud Control (SCC) is a Cisco management interface that allows to provision, configure, manage, and monitor the Cisco Security products from a single interface. From Secure Workload, release 3.10.2.11, Secure Workload is integrated with the SCC platform, which allows management of their administrative users and the roles, and single sign-on configuration across all Cisco Security products.
|
||
|
Enhanced User Experience |
|||
|
Global Visualization |
Secure Workload introduces the Global Visualization feature, which is designed to provide a comprehensive and holistic perspective of your applications and workloads. This feature includes several capabilities:
Explore the enhanced capabilities of Global Visualization to gain deeper insights into the performance and security of your network. For more information, see Global Visualization |
||
|
Operation Simplicity |
|||
|
Platform Enhancements |
You can configure Flow Rules in Agent Config Profile to instruct agents to skip reporting or to reduce the telemetry to conversation mode (4 tuples) for selected flows that apply to fidelity mode set to detail. For more information, see Agent Config Profile |
||
Enhancements in Cisco Secure Workload, Release 3.10.2.11
-
APIs have been enhanced to include policy and configuration usage with scope responses.
-
Policy hit counts are now a part of policy API responses.
-
New API endpoints to search all draft, analyzed or enforced policies within a tenant.
-
The Daemonset Agent image is no longer impacted by recent CVEs.
-
The Remote Agent logs download functionality is now available in all operating systems, versions, and CPU architectures.
-
Software agents now leverages eBPF to capture network telemetry on ppc64_le architecture.
-
Software agent now supports Windows Server 2025 on x86_64 architecture.
Resolved and Open Issues
The resolved and open issues for this release are accessible through the Cisco Bug Search Tool. This web-based tool provides you with access to the Cisco bug tracking system, which maintains information about issues and vulnerabilities in this product and other Cisco hardware and software products.
Note: You must have a Cisco.com account to log in and access the Cisco Bug Search Tool. If you do not have one, register for an account.
For more information about the Cisco Bug Search Tool, see the Bug Search Tool Help & FAQ.
Resolved Issues
|
Identifier |
Headline |
|---|---|
|
Threat Intelligence Summary NOT visible to 'Tenant Owner'. |
|
|
exported policy is not importing throwing-"service and user cannot be set together" error. |
|
|
Column reordering not working in Scopes and Inventory. |
|
|
Continuous change log entires on SaaS cluster upgraded to 3.10 from the backend job. |
|
|
CSW Policy Enforcement starts failing a few weeks after upgrade to 3.10.1.1 |
|
|
Customer requested a change in the permissions of the file "/etc/audit/rules.d/taau.rules". |
|
|
Secure Workload Agent may stop reporting flows on el9 family Linux workload |
|
|
SPAN agent may stop reporting flows on el9 based virtual Appliance when using eBPF |
|
|
Race Condition in csw-agent might lead to tet-main using old config server URL until next upgrade. |
|
|
ENH:Secure Workload agent generate Instance Metadata Service (IMDS) '169.254.169.254:80' |
|
|
tet-sensor may crash on AIX during start. |
|
|
Unable to install specific version of the AIX software agent when unzip rpm is absent. |
|
|
Post upgrade to version 3.10.1.1, agent anomalies are not showing correctly |
|
|
Flows from ingest appliances dropped at collectors after 3.10(1.1) upgrade. |
|
|
In cluster version 3.10.1.1, agents are showing "Not ready for failover to backup appliance" warning. |
|
|
TetSen.exe crashes on Windows Server 2008 R2 when PID Lookup/User Lookup Is Enabled. |
|
|
tet-sensor process on AIX workloads may crash while exporting cached flows. |
|
|
Agent shows flow export stopped anomaly. |
|
|
Agent health page not loading. |
|
| CSCwo26582 | Investigate vulnerabilities on root scope throws error messages. |
|
Agent rehome from onprem to CSW SaaS fails when agent needs proxy to resolve WSS FQDN |
Open Issues
|
Identifier |
Headline |
|---|---|
|
Services failures after upgrade with orchestrator dns name not resolvable. |
|
|
Workload CVE chart not rendering after loading. |
|
|
ADM port and pid mapping is missing for some ports. |
|
|
Scope and Inventory Page: Scope Query: matches .* returns incorrect results. |
|
|
Online documentation does not include all of the API attributes that are returned. |
|
|
CollectorSSLCheck and collector services failing. |
|
|
Increased DNS Queries to metadata.google.internal from On-Prem Cluster Going to External DNS Server. |
|
|
Multiple packages have been flagged with CVE 2022-1471 in RHEL8.9 system. |
|
|
Cisco Vulnerabilities Workloads Multiple selections across pages does not work in the UI. |
|
|
Failure in applying manual threat intelligence updates. |
|
|
Compliance alerts for flows not seen in Segmentation Workspace-Policy Analysis or Enforcement. |
|
|
Data Sync Issue: Gateway Allowlist IP Settings Not Propagating to Portal. |
|
|
ADM's failing during the last stage of processing due to large number of conversations. |
|
|
RHEL OS CVEs Inconsistencies report. |
|
|
Azure agentless enforcement out-of-band change not being detected. |
|
|
Windows Agent - Missed Packets graph not being populated. |
|
|
Vulnerabilities page shows a backend service error. |
|
|
Issue with pre-populated rule at priority 90 or higher leading to duplication. |
|
|
Installation of threat intelligence datasets rpms is failing. |
|
|
EKS and VPC resources ignored if names are duplicated. |
|
|
ADM: Child scopes show redundant enforcement policies. |
|
|
Customers would see temporary spikes in escaped flows when running policy analysis. |
|
|
Service ifeThreatIntelPipeline is down. |
|
|
CSW 3.10.1.1: Compliance Report-View Forensics Button doesn't work. |
|
|
Secure connector rpm is including stale server certificate. |
|
|
syslog alert configuration broken post 3.10.1.1 upgrade. |
|
|
CSW Agent Windows Power-Shell installation script calls a function that should be revised. |
Additional Information for Secure Workload
| Information | Description |
|---|---|
| Compatibility Information | For information about supported operating systems, external systems, and connectors for Secure Workload agents, see the Compatibility Matrix. |
| Scalability Limits | For information about the SaaS scalability limits, see Cisco Secure Workload Deployment models and scale. |
Related Resources
Contact Cisco Technical Assistance Centers
If you cannot resolve an issue using the online resources listed above, contact Cisco TAC:
-
Email Cisco TAC: tac@cisco.com
-
Call Cisco TAC (North America): 1.408.526.7209 or 1.800.553.2447
-
Call Cisco TAC (worldwide): Cisco Worldwide Support Contacts
Feedback