Introduction to Cisco Secure Workload

The Cisco Secure Workload platform is designed to provide comprehensive workload security by establishing a micro perimeter around every workload. The micro perimeter is available across your on-premises and multicloud environment using firewall and segmentation, compliance and vulnerability tracking, behavior-based anomaly detection, and workload isolation. The platform uses advanced analytics and algorithmic approaches to offer these capabilities.

This document describes the features, bug fixes, and behavior changes, if any, in Cisco Secure Workload, Release 3.9.1.52.

For information on how to upgrade the software version, see Cisco Secure Workload Upgrade Guide.

Release Information

Release Version: 3.9.1.52

Published Date: September 20, 2024

Enhancements in Cisco Secure Workload, Release 3.9.1.52

  • You can download the aggregated workload vulnerability information in CSV format from the Vulnerabilities > Vulnerability Dashboard page.

  • When you disable or re-enable Enforcement for specific agents from the Agent List page, the operation is logged in the Service > Settings > Change Logs page.

  • Username-based authentication can now be configured with multiple LDAP attributes on the external authentication configuration page. To support external LDAP users, you can now create users without an email address, and users can authenticate using the user login or samAccountName attributes.


    Note: Random password generation is not supported for users with username-based external authentication.


  • Alerts sent by email through the Email Connector are now displayed in a tabular format.

Changes in Behavior in Cisco Secure Workload, Release 3.9.1.52

The AIX agent now includes a Cisco-provided IPFilter kernel extension. During the transition from enforcement off to on, the agent unloads and uninstalls any previously installed non-Cisco IPFilter, then loads the Cisco IPFilter extension.

Resolved and Open Issues

The resolved and open issues for this release are accessible through the Cisco Bug Search Tool. This web-based tool provides you with access to the Cisco bug tracking system, which maintains information about issues and vulnerabilities in this product and other Cisco hardware and software products.


Note: You must have a Cisco.com account to log in and access the Cisco Bug Search Tool. If you do not have one, register for an account.


For more information about the Cisco Bug Search Tool, see the Bug Search Tool Help & FAQ.

Resolved Issues

The following table lists the resolved issues in this release. Click an ID to access Cisco’s Bug Search Tool to see additional information about that bug.

| Identifier | Headline |
|---|---|
| CSCwk71706 | Improve windows agent flow user reporting for rejected flows. |
| CSCwk14715 | [AnyConnect Connector] Incorrect Active Endpoint Tracking Leads to 5000 Limit Issue. |
| CSCwk76554 | TetSen.exe crashes with exit code - 0xC0000409 |
| CSCwk67590 | Reinstall flag for agent installer does not work. |
| CSCwj92795 | IP fragments are not handled correctly by ipfilter on AIX. |
| CSCwm01515 | Proxied flows visibility: effective proxied flows have multiple provider domain names. |
| CSCwk53493 | [druid index merger] Intermittent no data seen in traffic flow or policy analysis pages. |
| CSCwj40017 | Flow client/server direction decision not used for some flows. |
| CSCwm11196 | Agents Health may show Agent Restated anomaly for AIX workloads. |
| CSCwk67970 | Secure Workload linux agent may generate flows to `169.254.169.254:80`. |
| CSCwk23217 | Error with Live Analysis API Endpoint pagination. |

Open Issues

The following table lists the open issues in this release. Click an ID to access Cisco’s Bug Search Tool to see additional information about that bug.

| Identifier | Headline |
|---|---|
| CSCwi40277 | [Open API] Agent Network Policy Config need to show enf status consistent with data shown in UI |
| CSCwh95336 | Scope & Inventory Page: Scope Query: matches .* returns incorrect results |
| CSCwf39083 | VIP switchover causing segmentation issues |
| CSCwh45794 | ADM port and pid mapping is missing for some ports. |
| CSCwf43558 | Services failures after upgrade with orchestrator dns name not resolvable. |

Additional Information for Secure Workload

| Information | Description |
|---|---|
| Known Behaviors | For more information on the known behaviors, see Cisco Secure Workload Release Notes, 3.9.1.1. |
| Compatibility Information | For information about supported operating systems, external systems, and connectors for Secure Workload agents, see the Compatibility Matrix. |
| Scalability Limits | For information about the scalability limits of Cisco Secure Workload (39-RU) and Cisco Secure Workload M (8-RU) platforms, see Cisco Secure Workload Platform Data Sheet. |

Related Resources

Cisco Secure Workload documentation can be accessed from the following websites:

| Document | Description |
|---|---|
| | Describes the physical configuration, site preparation, and cabling of a single-rack and dual-rack installation for Cisco Secure Workload (39RU) platform and Cisco Secure Workload M (8RU). |
| Cisco Secure Workload Virtual (Tetration-V) Deployment Guide | Describes the deployment of Cisco Secure Workload virtual appliances. |
| Latest Threat Data Sources | The data sets for the Secure Workload pipeline that identifies and quarantines threats are automatically updated when your cluster connects with Threat Intelligence update servers. If the cluster is not connected, download the updates and upload them to your Secure Workload appliance. |

Contact Cisco Technical Assistance Centers

If you cannot resolve an issue using the online resources listed above, contact Cisco TAC: