Cisco heeft alweer even geleden een firmware-update uitgebracht voor zijn Email Security Appliances, die afgekort worden tot ESA. De techniek stamt af van IronPort Systems, dat in 2007 door Cisco werd gekocht. Hoewel dat dus al meer dan een decennium geleden is, hoor je ook nog steeds de naam IronPort terugkomen voor deze appliances. Voor de ondersteunde upgrade paths is het raadzaam om de documentatie door te nemen of om contact op te nemen met Cisco's TAC. De firmware heet 11.1.1 en kent 11.1.1-042 als exact versienummer. De lijst met veranderingen ziet er als volgt uit:
What’s New in AsyncOS 11.1.1Changes in Behavior in AsyncOS 11.1.1
- Forged Email Detection Enhancement - You can now create an exception list consisting of only full email addresses to bypass the Forged Email Detection content filter in Mail Policies > Address Lists. You can use this exception list in the Forged Email Detection rule if you want the appliance to skip email addresses from the configured content filter.
- Changes in Demo Certificates - Prior to this release, the appliance was pre-configured with a demonstration certificate to enable the TLS connections. After you upgrade to this release, the appliance generates a unique certificate to enable TLS connection. The existing demonstration certificate that is used in the following configurations are replaced with the new certificate:
- Mail Delivery
- LDAP
- Networking
- URL Filtering
- SMTP Services
- Changes in Self-Signed Certificates - Prior to this release, the appliance used SHA-1 signature hash algorithm to create a self-signed certificate. After you upgrade to this release, the appliance uses the SHA-256 signature hash algorithm to create self-signed certificates.
- URL Rewriting Changes for Graymail - If Graymail and Safe Unsubscribing is enabled on your appliance, the appliance now only rewrites all the original unsubscribe URLs whose length is less than 2000 characters.
