Introduction

This document describes the features, bug fixes, and any behavior changes for the Cisco Secure Workload software patch release 3.8.1.36.

This patch is associated with the Cisco Secure Workload software major release 3.8.1.1, the details of which can be found here. As a best practice, we recommend patching a cluster to the latest available patch version before performing a major version upgrade.

For more information, see Cisco Secure Workload Upgrade Guide.

Release Information

Version: 3.8.1.36

Date: October 19, 2023

New Features

Containers

Kubernetes enhancement for Windows worker node

You can now install the Kubernetes DaemonSet agents and enforce policies on Windows nodes of Kubernetes pods. The DaemonSet agent installation supports Windows Server 2019 and 2022.

Note

The Kubernetes version must be 1.26 or later.

For more information, see Installing Kubernetes or OpenShift Agents for Deep Visibility and Enforcement.

Container run-time vulnerability detection

With the Pod Vulnerability Scanning option, you can now choose pods in a Kubernetes cluster to scan for vulnerabilities.

Under Manage > Kubernetes, you can view the CVEs and container images that are associated with the pods running within the Kubernetes clusters. The Registry List displays all detected registries.

For more information, see Container Vulnerability Scanning.

Product Evolution

Process visibility of real time events on AIX

You can now capture forensic events from AIX for advanced process visibility. Using the AIX audit system, the following events are captured: Privilege Escalation, Raw Socket Creation, and User Account.

For more information, see Forensics Signals.

Enhancements

  • On the Reporting dashboard, you can now access reports through emails and from the scheduling dashboard. You can also schedule report generation by choosing the days of the week and the time when you want the reports to be delivered. Navigate to Reporting > Schedules.

    For more information, see Reporting.

  • The Cisco Secure Workload User Guide includes a section about high availability of services, nodes, VMs, and network switches in a Secure Workload cluster. If there is a failure, the high-availability design of the Secure Workload cluster ensures minimal downtime.

    For more information, see High Availability in Secure Workload.

  • A new field, Agent Type, is now added for connectors to display the source of traffic flow that streams telemetry information for single or multiple public clouds.

    The agent type field is included in these pages:

    • Organize > Scopes and Inventory

    • Investigate > Traffic > Flow Search

    • ADM Workspace

    For more information, see Software Agents.

  • You can now specify the duration for the agent to capture and store flows locally.

    • Set the size to 0 in the Flow Disk Quota, which disables the feature and stops agents from caching the flow data.

    • Set the time to 0 to disable rotation on the time window. However, the basic functionality where flows are cached and rotated by size limit will still work.

    For more information, see Software Agents.

  • Use the VPC Firewall rules in GCP to allow or deny traffic to and from VMs. To view the Firewall and Concrete policies that are generated in the VPC profile, follow these steps:

    1. Navigate to Manage > Workloads.

    2. Click Connectors and choose GCP Connector.

    3. From the GCP Connector page, navigate to the VPC profile, which now includes the Firewall and Concrete policies.

    For more information, see Connectors and Inventory Profile.

  • It is now convenient to clean up old inventory filters with the enhanced capability to detect and delete unused objects in inventory filters.

    For more information, see OpenAPI.

  • Two new tabs, OS and Year, are now available under CVEs in the vulnerability dashboard. These tabs display the OS used and the year in which the CVE was last exploited according to threat intelligence. You can now search and filter CVE data based on the columns, and based on each attribute, such as CVE, Score, and Severity.

    For more information, see Investigate Vulnerabilities.

  • Support for deep visibility and enforcement for Solaris on SPARC and Intel systems.

    For more information, see Compatibility Matrix.

  • Cisco Secure Workload Agent now supports Amazon Linux 2023.

  • On AIX, the Concrete policies for a workload profile can report the packet/bytes statistics.

  • On AIX, the Cisco Secure Workload Agent now captures real-time process events.

  • Improved client detection based on server port when Flow Analysis Fidelity is set to Conversations.

  • For the SaaS environment, Cisco Secure Workload supports Security Cloud Sign On to authenticate users. Security Cloud Sign On provides a consistent user experience and helps manage Cisco Security product subscriptions and trials.

  • Support for inventory filter usage, agent profile, and forensics profile usage.

  • ADM Enable service discovery on agent now supports SMB Protocol/RPC services apps.

  • The installation of the agent on Windows includes the Troubleshooting PowerShell tool.

  • Agent license accounting for non-Windows Server workloads, and accounting for the autocleanup period, is now fixed.

  • The Agent Installer Image page now displays the SHA256 digest of the software packages.

  • In the SaaS environment, admins can search change logs without providing a Type facet.

Changes in Behavior

  • Flow Ingest Appliances now deploy the Alma Linux 9.2 operating system.


    Note


    Existing appliances continue to be on CentOS 7.9.


  • Reintroduction of flow learnt inventory to facilitate users who are using flow learnt inventory for Scope & inventory filter query validation. The flow learnt inventory was decommissioned from the Scopes and Inventory page in release 3.7.1.40.

  • Installation of the Cisco Secure Workload agent on Windows Server 2008R2, Windows Server 2012, and Windows Server 2012R2 requires prior installation of Windows Update KB2999226.

  • Modification of the agent_type_str attribute to return agent types in string format. This change affects two external endpoints: agents and workload.

    For more information, see OpenAPI.

  • In the upcoming releases, to upgrade the Secure Workload clusters, you must stage the RPM files and install them together to complete the initial phase of the upgrade process.

Known Behaviors

See the Cisco Secure Workload major release 3.8.1.1 release notes.

Compatibility Information

For supported operating systems, external systems, and connectors for Secure Workload agents, see Compatibility Matrix.

Verified Scalability Limits

The following tables provide the scalability limits for Cisco Secure Workload (39-RU), Cisco Secure Workload M (8-RU), and Cisco Secure Workload Virtual.

Table 1. Scalability Limits for Cisco Secure Workload (39-RU)

| Configurable Option | Scale |
| --- | --- |
| Number of workloads | Up to 37,500 (VM or bare metal). Up to 75,000 (2x) when all the sensors are in conversation mode. |
| Flow features per second | Up to 2 million |

Table 2. Scalability Limits for Cisco Secure Workload M (8-RU)

| Configurable Option | Scale |
| --- | --- |
| Number of workloads | Up to 10,000 (VM or bare metal). Up to 20,000 (2x) when all the sensors are in conversation mode. |
| Flow features per second | Up to 500,000 |

Table 3. Scalability Limits for Cisco Secure Workload Virtual (VMWare ESXi)

| Configurable Option | Scale |
| --- | --- |
| Number of workloads | Up to 1,000 (VM or bare metal) |
| Flow features per second | Up to 70,000 |


Note


The supported scale is based on the parameter that reaches the limit first.


Resolved and Open Issues

The resolved and open issues for this release are accessible through the Cisco Bug Search Tool. This web-based tool provides you with access to the Cisco bug tracking system, which maintains information about issues and vulnerabilities in this product and other Cisco hardware and software products.


Note


You must have a Cisco.com account to log in and access the Cisco Bug Search Tool. If you do not have one, you can register for an account.


For more information about the Cisco Bug Search Tool, see the Bug Search Tool Help & FAQ.

Resolved Issues

| Identifier | Headline |
| --- | --- |
| CSCwf50717 | Kubernetes daemonset agent cert issue caused by the DBR migration. |
| CSCwf99049 | 3.8.1.1: Control OS caching lot of packets causing high memory usage. |
| CSCwh39311 | Orchestrator inventory data may not be included in DBR Backup data. |
| CSCwh36347 | ADM machine snapshot pipeline is failing with Java Null pointer exception. |
| CSCwh36617 | [3.8] AIX agent startup failure on systems where prtconf output is very long. |
| CSCwh25967 | UI may become unresponsive due to socket leak in the 3.8 release. |
| CSCwh51887 | [3.8.1.1]: "Flow export stopped" error on Windows agents due to high CPU utilisation. |
| CSCwh51977 | Enforcer goes into inactive state on windows hosts. |
| CSCwh62296 | tet-main restarts after upgrade to 3.8.1.1 on AIX 7.x software agents. |
| CSCwh61561 | Solaris package installation fails with failure validating signature |
| CSCwh62668 | [3.8.1.1] ASA connector incorrectly puts DNS traffic coming from Consumer |
| CSCwh69322 | [3.8.1.1]: "Flow export stopped" due to TetSen.exe process crash |
| CSCwh57220 | [3.8.1.19] Conversation mode NTP port switched with provider port = 0 & consumer port = 123 |
| CSCwh67232 | [Linux Agent]: Policy out of sync - Netfilter reported error -4099 |

Open Issues

| Identifier | Headline |
| --- | --- |
| CSCwh88981 | 3.8.1.19 Linux Enforcement Agent ipset deviation loop |
| CSCwb80213 | vNIC is hung up on a baremetal server (eNIC version on BM should be upgraded) |
| CSCwb42177 | Live and Enforcement policy analysis - hover over the table for scopes column and text chopped off |

Related Documentation

| Document | Description |
| --- | --- |
| Cisco Secure Workload Cluster Deployment Guide | Describes the physical configuration, site preparation, and cabling of a single- and dual-rack installation for Cisco Secure Workload (39-RU) platform and Cisco Secure Workload M (8-RU). Cisco Tetration (Secure Workload) M5 Cluster Hardware Deployment Guide |
| Cisco Secure Workload Virtual Deployment Guide | Describes the deployment of Cisco Secure Workload virtual appliances (formerly known as Tetration-V). Cisco Secure Workload Virtual (Tetration-V) Deployment Guide |
| Cisco Secure Workload Platform Datasheet | Cisco Secure Workload Platform Datasheet |
| Secure Workload Documentation | Secure Workload Documentation |
| Latest Threat Data Sources | Cisco Secure Workload |

Contact Cisco

If you cannot resolve an issue using the online resources listed above, contact Cisco TAC: