Introduction to Cisco Secure Workload, Release 3.9.1.28
The Cisco Secure Workload platform is designed to provide comprehensive workload security by establishing a micro perimeter around every workload. The micro perimeter is available across your on-premises and multicloud environment using firewall and segmentation, compliance and vulnerability tracking, behavior-based anomaly detection, and workload isolation. The platform uses advanced analytics and algorithmic approaches to offer these capabilities.
This document describes the features, bug fixes, and behavior changes, if any, in Cisco Secure Workload, Release 3.9.1.28.
For information on how to upgrade the software version, see Cisco Secure Workload Upgrade Guide.
 Note |
As a best practice, we recommend to patch a cluster to the latest available patch version before performing a major version upgrade. |
Release Information
Version: 3.9.1.28
Date: April 30, 2024
Known Behaviors in Cisco Secure Workload, Release 3.9.1.28
For more information on known issues for Cisco Secure Workload software release, refer Release notes 3.9.1.1.
Resolved and Open Issues
The open issues for this release are accessible through the Cisco Bug Search Tool. This web-based tool provides you with access to the Cisco bug tracking system, which maintains information about issues and vulnerabilities in this product and other Cisco hardware and software products.
Note |
You must have a Cisco.com account to log in and access the Cisco Bug Search Tool. If you do not have one, register for an account. |
For more information about the Cisco Bug Search Tool, see the Bug Search Tool Help & FAQ.
Resolved Issues
The following table lists the resolved issues in this release. Click an ID to access Cisco’s Bug Search Tool to see additional information about that bug.
|
Identifier |
Headline |
|---|---|
|
TetSen.exe may restart unexpectedly |
|
|
[3.9.1.25] Label management usage page not working |
|
|
Windows Agent may restart with a memory read violation |
|
|
Windows workload may become unresponsive due to Secure Workload agent crash⨠|
|
|
Linux server crashes with kernel bug on enforced workloads with continuous deviation |
|
|
Agent applied polices mismatch with policies sent by Tetration |
|
|
Windows Agent fails to upgrade |
|
|
Forensic events stops getting reported after some time on Windows. |
|
|
Kubernetes Daemonset agent for Ubuntu 22.04 is missing |
|
|
High CPU usage and restart of tet-sensor process on Linux workloads |
|
|
High CPU for tet-sensor process on Unix based OS |
|
|
Cleanup special files when offline flows feature is disabled |
Open Issues
The following table lists the open issues in this release. Click an ID to access Cisco’s Bug Search Tool to see additional information about that bug.
|
Identifier |
Headline |
|---|---|
|
CSW 3.9.1.1 - Azure ingestion stopped after Secure connector tunnel got wedged |
|
|
[Open API] Agent Network Policy Config need to show enf status consistent with data shown in UI |
|
|
Scope & Inventory Page: Scope Query: matches .* returns incorrect results |
|
|
VIP switchover causing segmentation issues |
|
|
ADM port and pid mapping is missing for some ports |
|
|
Flow Export stopped on Windows workload. TetSen.exe restarts |
|
|
Secure Workload 'adhoc_ams_ext' throwing "could not find Vault client token for policy trex_rw" |
|
|
Secure connector configuration gets reset during edits |
|
|
Secure Worload 'KubernetesApiServer' service intermittent alerts |
|
|
Compliance alert config: Rule not getting processed post edit of the rule |
|
|
Services failures after upgrade with orchestrator dns name not resolvable |
Compatibility Information
For information about supported operating systems, external systems, and connectors for Secure Workload agents, see the Compatibility Matrix.
Verified Scalability Limits
The following tables provide the scalability limits for Cisco Secure Workload (39RU), Cisco Secure Workload M (8RU), and Cisco Secure Workload Virtual (VMWare ESXi).
|
Configurable Option |
Scale |
|---|---|
|
Number of workloads |
Up to 37,500 (VM or bare metal) Up to 75,000 when all the sensors are in conversation mode |
|
Flow features per second |
Up to 2 million |
|
Number of hardware agent enabled Cisco Nexus 9000 series switches |
Up to 100 (deprecated) |
|
Configurable Option |
Scale |
|---|---|
|
Number of workloads |
Up to 10,000 (VM or bare metal) Up to 20,000 when all the sensors are in conversation mode |
|
Flow features per second |
Up to 500,000 |
|
Number of hardware agent enabled Cisco Nexus 9000 series switches |
Up to 100 (deprecated) |
|
Configurable Option |
Scale |
|---|---|
|
Number of workloads |
Up to 1,000 (VM or bare metal) |
|
Flow features per second |
Up to 70,000 |
|
Number of hardware agent enabled Cisco Nexus 9000 series switches |
Not supported |
Note |
The supported scale is based on the parameter that reaches the limit first. |
Related Resources
|
Resources |
Description |
|---|---|
|
Provides information about Cisco Secure Workload, its features, functionality, installation, configuration, and usage. |
|
|
Describes the physical configuration, site preparation, and cabling of a single- and dual-rack installation for Cisco Secure Workload (39RU) platform and Cisco Secure Workload M (8RU). |
|
|
Cisco Secure Workload Virtual (Tetration-V) Deployment Guide |
Describes the deployment of Cisco Secure Workload virtual appliances. |
|
Describes technical specifications, operating conditions, licensing terms, and other product details. |
|
|
The data sets for the Secure Workload pipeline that identifies and quarantines threats that are automatically updated when your cluster connects with Threat Intelligence update servers. If the cluster is not connected, download the updates and upload them to your Secure Workload appliance. |
Contact Cisco Technical Assistance Centers
If you cannot resolve an issue using the online resources listed above, contact Cisco TAC:
-
Email Cisco TAC: tac@cisco.com
-
Call Cisco TAC (North America): 1.408.526.7209 or 1.800.553.2447
-
Call Cisco TAC (worldwide): Cisco Worldwide Support Contacts
Feedback