What's New in this Release

This section describes the new features and enhancements in this release of AsyncOS for Secure Email and Web Manager.

What's New in AsyncOS 14.2

Feature

Description

New Sender Domain Reputation Verdicts

The Sender Domain Reputation (SDR) verdicts are updated in this release to accurately reflect the intended meaning and recommended usage.

Following legacy SDR verdicts are mapped to the new SDR verdicts:

  • 'Awful' to 'Untrusted'

  • 'Poor' to 'Questionable'

  • 'Tainted' or 'Weak' to 'Neutral'

  • 'Neutral' to 'Favorable'

  • 'Good' to 'Trusted'

  • 'Unknown' to 'Unknown'

The SDR reporting and message tracking results are updated with the new verdicts accordingly on upgrade. Make sure that you also upgrade your email gateway(s) to the latest 14.2 version that contains the new SDR verdicts.

Note
The SDR Reporting and Tracking AsyncOS APIs are updated to reflect the new SDR Threat Level and Category structure.
Note
The SDR Tracking Logs are updated to reflect the new SDR Threat Levels and Sender Maturity details.

Managing Data Storage Time for Centralized Email Tracking Service

You can now configure your Secure Email and Web Manager to store the messages (data) in the Centralized Email Tracking database based on the number of days.

You can configure this feature in any one of the following ways:

  • Use the Apply Data Storage Time option in System Administration > Disk Management > Edit Data Disk Management page of the legacy web interface.

  • Use the Manage data based on the storage time statement in diskquotaconfig > edit > Centralized Email Tracking sub command in the CLI.

Important: From Secure Email and Web Manager 13.6.2 version, the Splunk database is no longer used for email tracking data. All new email tracking data is stored in the Lucene database. When you use this feature, the Splunk database that contains the email tracking data gets deleted automatically.

Action: Make sure you take a backup of the email tracking data (if required). You can use the backupconfig command in the CLI to perform the backup action. For more information, see Scheduling Single or Recurring Backups.

Note
If your organization network has only one Secure Email and Web Manager, you need to deploy a new Virtual Machine (VM) in the network. For more information on how to deploy a virtual Secure Email and Web Manager, see Cisco Secure Email and Web Virtual Appliance Installation Guide.

For more information, see Managing Data Storage Time.

PVO Quarantine Threshold Alert

Secure Email and Web Manager sends an alert to the recipient when the number of PVO quarantine messages exceeds a user-defined threshold value set for a specific time duration and PVO quarantine.

Secure Email and Web Manager ensures that you receive the alerts you set as an email.

You can configure PVO quarantine threshold alerts, using the following ways:

  • Email > Message Quarantine > Policy Virus and Outbreak Quarantines page in the web interface

  • quarantineconfig command in the CLI

For more information, see “PVO Quarantine Threshold Alert” section in the “Centralized Policy, Virus, and Outbreak Quarantines” chapter of the user guide.

Configuring End-User Quarantine for Shared Mailbox

You can now access the EUQ of the Shared Mailbox and perform any actions on the quarantine messages when an administrator enables single sign-on to access End-User Quarantine (EUQ) and you have delegated access to that Shared Mailbox. It reduces the workload on administrators and assists in the timely delivery of quarantined messages.

You can access EUQ to search the spam quarantine messages of the Shared Mailbox if you can log into EUQ through SAML 2.0 authentication. You can view the quarantined messages of your Primary Mailbox and you can now add the Shared Mailbox to which you have access and view the quarantined messages of that Shared Mailbox.

EUQ allows you to add multiple Shared Mailboxes and provides an option to view, search, release, and delete the quarantined messages.

You can access the Shared Mailbox in the following ways:

  • Enter the Spam Notification link in the browser.

  • Log in to Secure Email and Web Manager EUQ using Spam Quarantine portal.

    For more information, see “Configuring End-User Quarantine for Shared Mailbox” section in the “Spam Quarantine” chapter of the user guide.

Support for new feature in AsyncOS 14.2 for Cisco Secure Email Cloud Gateway

URL Retrospection Report page - This report page shows URLs processed by the URL Retrospective Service. This page lists the malicious URLs, date and time when verdict is received from the URL Retrospective Service, and the remediation status of impacted messages.

For more information, see URL Retrospection Report page.

No Support of Splunk database for Email Tracking Data

When you log in to Secure Email and Web Manager through the web interface or the CLI, you may see the following message if you are using the Splunk database for email tracking data:

“You have x GB of email tracking data in the Splunk database. From Secure Email and Web Manager 13.6.2 version, the Splunk database is no longer used for email tracking data. All new email tracking data is stored in the Lucene database. There will be no support of the Splunk database for email tracking data in the future General Availability (GA) release of Secure Email and Web Manager.”

Action: Make sure you take a backup of the email tracking data (if required). You can use the backupconfig command in the CLI to perform the backup action. For more information, see Scheduling Single or Recurring Backups.

Note
If your organization network has only one Secure Email and Web Manager, you need to deploy a new Virtual Machine (VM) in the network. For more information on how to deploy a virtual Secure Email and Web Manager, see Cisco Secure Email and Web Virtual Appliance Installation Guide.

Enhancements on Grouping Appliances for File Analysis Reporting

Cisco Secure Email and Web Manager now uses the Smart Account ID to group appliances in your organization and to view the file analysis result of all appliances.

When Smart Licensing is enabled on Cisco Secure Email and Web Manager, and you configure the appliance group for file analysis reporting, the system automatically registers Smart Account ID as the Appliance Group ID. You can change the Appliance Group ID at any time, and the change takes effect immediately without a Commit action.

For more information, see (Cloud File Analysis) Configure the Management Appliance to Display Detailed File Analysis Results.

Smart Software Licensing Enhancements

Following are the enhancements made to the Smart Software Licensing feature:

  • License Reservation: You can reserve licenses for features enabled in Secure Email and Web Manager without connecting to the Cisco Smart Software Manager (CSSM) portal. This is mainly beneficial for users that deploy Secure Email and Web Manager in a highly secured network environment with no communication to the Internet or external devices.

    For more information, see Overview and Reserving Feature Licenses.

  • Device Led Conversion: After you register Secure Email and Web Manager with smart licensing, all existing, valid classical licenses are automatically converted to smart licenses using the Device Led Conversion (DLC) process. These converted licenses are updated in the virtual account of the CSSM portal.

    For more information, see Overview.

Modification of Classic Licensing - Expiration Date in Web Interface and CLI

From this release onwards, the existing ‘Expiration Date’ column header in the web interface and CLI for classic licensing is modified as follows – “Expiration Date (including grace period” to indicate that the grace period is included in the expiration date.

Note: All alert messages and mail logs are modified to display the expiration date, including the grace period for a feature key.