AsyncOS 6.5.2 for Email now generally available
We have put out a new maintenance release for Email Security and Security Management. The official announcement can be read here:
http://preview.tinyurl.com/ql2dxu
I've updated the title on the Security Alerts page, and included a link to the Secunia Advisory in the announcement. Here is a link to the new announcment
http://preview.tinyurl.com/llrx8f
Thanks for pointing this out.
-karl
There is an announcement in the Security section, but I see the title doesn't refer to the Secunia alert number, or mention Quarantine, which makes it hard to spot. I'll get that fixed.
Here's a link to the announcement.
http://preview.tinyurl.com/pmpbva
btw it fixes (beside other problems) this XSS Spam Quarantine problem: http://secunia.com/advisories/34895/
Strange thing that this Security Related Info is no yet listed within the Support Portal. At the moment it can only be found in the Release notes of 6.5.2 linked at the bottom right of the Support Portal.
Is this as CISO / IronPort Communication Problem?
:o[url]
Similar Messages
-
AsyncOS 6.5.3 for Email and Management is GA
Hi,
On Monday (08/17) we released AsyncOS 6.5.3 for Email and Management to all customers. Here is a summary of the fixes included in this release. Please have a look at the release notes for a more comprehensive list or contact Cisco IronPort Customer Support if you have questions in regards to anything specific that is not listed there.
Partial list of defects fixed in 6.5.3-007:
* Fixed: Clustered Appliances Don’t Close Orphaned Connections. [Defect ID: 40184 and 34441]
* Fixed: 30 connections to ldap when max=10 [Defect ID: 45194]
* Fixed: Multibyte filename for encrypted attachment can be corrupted [Defect ID: 45721]
* Fixed: Export on Delivery Status page on Monitor tab only gives 10 entries when 100 are displayed [Defect ID: 46977]
I'd like to encourage you to have a look at the release notes and to upgrade to 6.5.3 at your convenience.
Please be advised that due to some optimizations for future upgrades, it will not be possible to revert from 6.5.3 to versions earlier than 6.5.0.
Let us know how you like it!
Best,
Jakobthis is a bit old now, can it be un-stickied?
As you wish! :) -
VMware vCenter Application Discovery Manager 6.2.2 is now generally available
Hello all,
We are pleased to announce that VMware vCenter Application Discovery Manager 6.2.2 is now generally available.
If you have purchased the product, you can download it from the Application Discovery Manager home page.
vCenter Application Discovery Manager 6.2.2 is a maintenance release.
Support for VMware vSphere 5.0 has been added to this release.
The release notes and guides are available here.
Best regards,
The VMware vCenter Application Discovery Manager teamThere is no open source version of vADM. What you are probably looking at is a list of open source components that are included inside the vADM image. We list all open source component for compliance reasons.
The installation steps for vADM can be found in the Administrator Guide.
I hope this helps. -
VMware vCenter Application Discovery Manager 6.2 is now generally available
Hello all,
We are glad to announce that VMware vCenter Application Discovery Manager 6.2 is now generally available.
If you have purchased the product, you can download it from the Application Discovery Manager home page.
We've added the following new features in this release:
User authentication over LDAP
A built-in Application Pattern for Microsoft SharePoint
NMAP as an additional discovery method during IP Discovery
The release notes and guides are available here.
Best regards,
The VMware vCenter Application Discovery Manager teamThere is no open source version of vADM. What you are probably looking at is a list of open source components that are included inside the vADM image. We list all open source component for compliance reasons.
The installation steps for vADM can be found in the Administrator Guide.
I hope this helps. -
AsyncOS 6.4.0 for Email and Management now available
We've had some discussion of 6.4 in other threads, and some of you may have received email notification, but I had neglected to post an announcement on IronPort Nation.
On October 6, 2008, we announced the general availability release of AsyncOS version 6.4.0-273 for all Email Security Appliances (C-Series and X-Series) and Security Management Appliances (M-Series).
Official Announcement on Support Portal
6.4.0 Email Security Release Notes
6.4.0 Security Management Release Notes
Karl Young
Email Security Product Support Engineer
IronPort Systemsthis is a bit old now, can it be un-stickied?
As you wish! :) -
AsyncOS 7.1.1 for Email is GA
Hi,
Cisco is pleased to announce the General Availability (GA) of a new major release of AsyncOS 7.1.1-012 for Email to all customers. This release applies to all our Email Security Appliances (C and X-Series).
Please be advised that a new maintenance release AsyncOS 7.0.2-007 for Email is also currently generally available to all customers. We highly recommend upgrading to AsyncOS 7.1.1-012 for Email, if you plan to use any of the new features and enhancements listed below.
New Features and Enhancements in 7.1.1-012 for Email
Enhancement: DLP Assessment Wizard (Requires RSA DLP Feature Key)
Enhancement: New RSA Email DLP Policy templates support (Massachusetts CMR-201 and Corporate Financials)
Enhancement: TLS Administration Enhancements
Enhancement: No Authentication Encryption Envelope (Requires IronPort Email Encryption Feature Key)
New Feature: Administrative Access Control List
New Feature: Customized Login Banner
Partial list of defects fixed in 7.1.1-012 for Email
Fixed: A Malformed Viral Message can potentially cause a Mail Outage, when using McAfee as AV engine with non-default settings [Defect ID: 68615]
Fixed: Some Viral messages can be reported unscannable and potentially delivered, when using Sophos as AV engine with non-default settings [Defect ID: 68896]
Fixed: Extra Spaces in Footer When Forwarding via Outlook [Defect ID: 67312]
Fixed: Demo Certificate Becomes Default Certificate After Upgrade to AsyncOS 7.1 for Email [Defect ID: 69456]
Fixed: Application Fault Occurs When Switching Cluster Levels in Encryption Profile [Defect ID: 55874]
Fixed: Robustness Fixes for Lockups on C160 Appliances [Defect ID: 68955]
Fixed: Invalid Regular Expressions Affects RSA Email DLP Scanning [Defect ID: 67002]
For further information about this release, please refer to the AsyncOS Release Notes. The release notes are available on our Support Portal.
https://supportportal.ironport.com
Thank you for choosing Cisco IronPort Security Products.
Best,
KishoreI haven't upgraded to 5.5.0 yet, but I was very excited to learn about end-user whitelists and blacklists, which is something we'd been pushing for since we bought our Ironports. Unfortunately, it looks like it's being implemented in a way that makes it impossible for me to deploy at this time.
We have two C350s, and would need the whitelists and blacklists to appear on each box. It appears that I could do this by exporting the database from one machine, transferring it to the other, and then importing it. However, this appears to ONLY be able to be done via the GUI.
This is a showstopper for me, because I do not want to have to log into the Ironport every day to import and export the databases - I would want to automate it. I talked to technical support, and it appears that there is no way to do this via the CLI.
My feature request is this: please consider adding a command that would allow me to remotely force the database to be dumped, and another command to import the database.
Ideally, it would be something like:
safelistconfig dump
safelistconfig import
If that was available, I would make my users a lot happier with this feature. -
S4 Sync settings for email no longer available after update
After the Verizon Galaxy S4 Kit Kat update: I can no longer sync my email accounts. I get a "email sync turned off" message. when I go to the SYNC settings (stttings-accounts-email-settings-account settings-sync settings) there is NO option to turn sync setting back "ON"
Hello hdlane, let's get to the bottom of this together! To turn on sync settings for email, scroll down from the top of the home screen. At the top right there is a button with three squares & two arrows facing in opposite directions. This is the "More Settings" section. Press this option and it iwill open a list. Near the bottom of the list turn on sync and the emails will update.
WiltonA_VZW
VZW Support
Follow us on twitter @VZWSupport -
AsyncOS 5.6.0 for Web is now Generally Available
I am pleased to announce the "GA" release of 5.6.0. Code named "Maui" internally, this release is primarily focused on core proxy functionality. We have had great feedback from our beta testers and early adopters. I encourage customers to give 5.6.0 a try.
A few notes:
We have changed the way policies work and also added a new authentication layer called "identities". After upgrade we strongly recommend customers verify the post upgrade configuration to ensure policies and identities have been migrated appropriately to match your business needs.
If HTTPS was enabled and then is disabled at the time of upgrade, any archived decryption policies will not be maintained during the upgrade.
To enhance the security of the WSA, we explicitly prevent the WSA from proxying requests on the P2 interface. Customers who need this functionality may want to wait for the 5.6.2 release, which will support this configuration.
New Features in 5.6.0
* New Feature: Multi-core scanning (for improved performance)
* New Feature: Time-based policies for URL filtering
* New Feature: Enhanced routing policies (failover, load balancing, and conditional routing to multiple upstream proxies)
* New Feature: User-agent based policies
* New Feature: Policy trace tool
* New Feature: Custom EUN pages
* New Feature: SNMP enhancements (SNMPv1, 2, and 3, with support for traps and community strings)
* New Feature: Transparent bypass list
* New Feature: PAC file hosting
* New Feature: Active mode FTP over HTTP
* New Feature: GUI-based packet capture
Let us know what you think.
Regards,
Chris Haag
Manager, Technical SupportI need two identical identity policies that just say the authentication is CORP. Then in the access policies I limit the users. It would seem the user limiting should be done in the Identity Policy.
No, you only need one identity! In fact, if you've got 2 identities which are the same then the 2nd one will never actually match.
Identities and Access Policies are both a top-down, first match - with identities done first. So in your case you'd need one identity matching the domain CORP, and then in the access policy you can further limit that since identity based on the username.
Processing-wise it will do a top-down match on the identity to find the first match (your CORP identity) and then do a top-down match in the access policies to find a policy based on the CORP identity which matches the extra criteria you've added (ie, specific users/groups).
You can certainly end up in a situation where you can implement the same rules in a few different ways through a mixture of identities/policies, but at the end of the day it probably doesn't matter how you do it - pick whichever makes most sense for you! -
Before update had an add on to set pic size best for email, now lost pls help
would ask if i wanted to adj size
Tools menu (ALt+T) > add-ons and select check for updates for the add-on. It probably missed the boat somewhere along the line.
-
My emails now go to my gmail account
I set up a Gmail account and guessed at a few things during the set up process.
My emails now generally go to the new Gmail account ( but not all) and not to my original Thunderbird account. These emails are being sent to my original non Gmail address.
I'm happy to delete the whole Gmail thing, but am unsure if this will leave my emails being sent only to a dead account. Any ideas?I set up a gmail account too: in my ignorance, I thought it was a good idea.
How wrong!!!
Since getting this computer several years ago, I've had no big problems with firefox; but wierdly I couldn't get thunderbird to connect to the server: so, I've just been using virginmedia's webmail.
A year or so ago, Virgin passed their email service over to Google: making their webmail now over-complicated and messy on the screen- with many click-buttons duplicated, and some useful functions have been removed completely. Even with the old-style appearance option; my experience is worsened. For example, if I want to "add a new contact", I now have to open another tab in the new "standard" view: there is no longer any way to do it in the preferred previous view!! I don't like the new "standard" view because over half of the screen is covered by things other than my emails! I don't want to constantly have to look at multiple search boxes; and all those repeated clickables.
So, now I'll describe what happened when I registered for gmail: to my deepest regret!!!!!
Suddenly I found my open virgin webmail page (tab) was being repeatedly HIJACKED, and taken a gmail login page. I never asked for any synchronisation/amalgamation of my virgin (blueyonder.co.uk) email account and this flaming gmail account.
So I closed the gmail account: because it is too much trouble for sweet f.a. in benefit! Google confirmed the gmail account is closed.
But the same blasted thing keeps happening: my open blueyonder page disappears, and the gmail login page appears.
Goggle must have installed some form of MALWARE.... IT IS HIJACKING MY FIREFOX !!!
I have hunted all around goggle, including forums, for info on how to remove this unwanted malware. There is no info on how to remove anything goggle! There is no access route to ask actual people at goggle.
Perhaps firefox folk can help? Please! -
The FIM team is pleased to announce the availability of some additional Connectors for FIM2010R2.
General Availability of PowerShell Connector
The PowerShell Connector can be used to communicate with a system through PowerShell scripts. This allows an easy and flexible way to communicate with other systems but also to pre-/post-process data and files before handed over to the FIM Synchronization
Service. We believe the community will help providing scripts for this Connector for various systems and will open a place where scripts can be published for reuse.
TechNet docs:
http://go.microsoft.com/fwlink/?LinkID=393057
Download:
http://go.microsoft.com/fwlink/?LinkID=393056
Release Candidate of Generic SQL Connector
The Generic SQL Connector will allow you to connect to any database where you have an ODBC driver available. It enables new features compared to the built-in MA such as support for Stored Procedures, running SQL scripts, built-in delta import support, import
multiple object types, connect to multiple tables, and much more. This Connector is built on ECMA2.3 which allows schema discoverability to be customized in the Sync Engine UI. A pre-release of the next Sync Engine hotfix is included with the Connector download
and is required for the Connector to work.
Download:
https://connect.microsoft.com/site433/Downloads/DownloadDetails.aspx?DownloadID=52652
Release Candidate of SAP Users and Roles/Groups
The updated SAP templates for Users and Roles/Groups allows you to manage Users, Roles, and Groups in SAP. This also include password sync for Users to SAP. The Connector will make sure roles are represented as groups to make it possible to manage these
with bhold. This template will require the previously published WebService Connector:
http://go.microsoft.com/fwlink/?LinkID=235883.
Download:
https://connect.microsoft.com/site433/Downloads/DownloadDetails.aspx?DownloadID=52651
If you have participated in any other Connector preview program you will have access to the Release Candidate downloads. If you have not participated before then to get access to the preview programs on Connect either join the program “Identity and Access
Management”, “FIM Synchronization Service Connectors Pre-release” on
http://connect.microsoft.com/directory or follow this link
http://connect.microsoft.com/site433/SelfNomination.aspx?ProgramID=6709&pageType=1
We have also published an update to the Generic LDAP Connector adding support for some additional LDAP directories, see
http://support.microsoft.com/kb/2936070/. If you have additional LDAP directories you think we should support, please feel free to contact me.
On behalf of the FIM Sync team,
/Andreas KjellmanOn Tue, 18 Mar 2014 08:09:43 +0000, David Burghgraeve wrote:
We've been using the OpenLDAPXMA to be able to connect to ACF2 CA-LDAP (from Computer Associates) running on a IBM Z-OS Mainframe System. We've been using it for password synchronization since 2004 on MIIS. Today it's still used via the
OpenLDAPXMA (64bit) on FIM 2010 R2.
We had to tweak the password management component in the OpenLDAPXMA to support the error messages we get from the ACF2 System, as we support a multi-master password setup between Mainframe and Active Directory (one can change the password on
MF and/or on Windows). by example "LDP0406E ACF2 error modifying lid(ACF00155 NEW PASSWORD CANNOT BE THE SAME AS CURRENT PASSWORD)".
Additionally, we cannot get the delta import to work with the CA-LDAP, there's no capability in it and we tried to use the time attribute to use in the query for recent changes, but it does not work. (I think we need it in a large integer format
or unix time integer).
Would be great to have Microsofts' support in this :)
In a case like this where your follow-up has nothing to do with the
original post you should create a new thread.
Having said that, neither of the MAs to which you refer are official
Microsoft MAs and as such there is no support from Microsoft available.
Also, keep in mind that the ECMA1/XMA extensibility framework has been
deprecated and replaced by the ECMA 2.0. You should plan on replacing
existing ECMA1 management agents with ECMA2.0 connectors.
Paul Adare - FIM CM MVP
"It's 106 light-years to Chicago, we've got a full chamber of anti-matter,
a half a pack of cigarettes, it's dark, and we're wearing visors."
"Hotsync." -- Paul Tomblin & Peter da Silva -
AsyncOS 5.5.1-014 for Email is now available
UPDATE: 2008-2-26 5.5.1-014 releases:
This release includes a number of fixes:
* Fixed: Appliances Are Not Generating SNMP Traps
* Fixed: Leftover Files Are Deposited in scanning_temp_files Directory
* Fixed: DNS-Related Memory Issues Delay Acceptance of Incoming Mail
UPDATE: 2007-12-17 5.5.1-011, 5.1.2-011, 4.7.2-005 releases:
This release includes a number of updates and fixes:
* Fixed: 35715,38152,38531,38532 Consolidated LDAP fixes
* Fixed: 38506,38527 Certain malformed messages can severely degrade performance
* Fixed: 38274 IronPort Spam Quarantine alias consolidation issues with Active Directory
* Fixed: 38248 Clustered SafeList/BlockList incorrectly prompts for login
About Earlier Builds of AsyncOS for Email
38527 is also present in earlier builds of AsyncOS for Email. Due to the potential severity of this issue we have also patched the earlier versions listed below, customers who are not ready to upgrade to 5.5.1-011 are encouraged to upgrade to one of these builds:
5.1.2-011
4.7.2-005
UPDATE: 2007-11-28 5.5.1-010 releases:
This Hot Patch release contains the following feature and stability fixes
* New: PCI, HIPAA, GLB and SOX dictionaries preloaded for use in content and message filters
* 37711 Logging into the IronPort Spam Quarantine generates error
* Fixed: 37971 LDAP can slow delivery after log subscription update
* Fixed: 37772 LDAP routing host is ignored when the routing address matches the original address
* Fixed: 36408 application fault in smtpauth
IronPort Systems is pleased to announce the release of AsyncOS 5.5.1-010 for Email for all C-Series and X-Series Email Security Appliances. This release includes all of the powerful new tools for integrated Data Loss Prevention and Encryption released in AsyncOS 5.5.0 as well as critical security patches. IronPort recommends all customers to upgrade to 5.5.1.
* New Feature: IronPort PXE Encryption
* Enhanced: Content Scanning capabilities for Data Loss Prevention
* Enhanced: LDAP Capabilities
* New Feature: DKIM Authentication
* New Feature: End-User Safelists and Blocklists
* Enhanced: Reporting
* Enhanced: Web User Interface
* Updated: Brazilian DST
* Fixed: Double-Byte character rendering in IronPort Spam Quarantine
* Fixed: Performance optimization of disabled content filters
* Fixed: Virtual gateway delivery to host with invalid DNS entry may disrupt mailflow
NOTE: For customers running pre 5.5.0 releases, there is no requirement to upgrade to 5.5.0 first. If 5.5.1 appears as an available upgrade customers are encouraged to upgrade directly to 5.5.1.
Customers running older builds who are not ready to move to 5.5.1, are encouraged to upgrade to our current patched builds:
- 5.1.2-014
These builds provide out latest stability fixes.
Webinar for Selected New 5.5.0 Features
We are pleased to offer a webinar that presents information about Safelist/Blocklists, Smart Identifiers and DKIM. You can download the webinar from the Support Portal:
http://tinyurl.com/2o28uw
Preparing to Upgrade
As a best practice, IronPort recommends preparing for an upgrade by taking the following steps:
1. Save the XML configuration file off of the appliance.
2. Suspend the listeners.
3. Drain the mail queue and the delivery queue.
4. Re-enable the listeners after you upgrade.I haven't upgraded to 5.5.0 yet, but I was very excited to learn about end-user whitelists and blacklists, which is something we'd been pushing for since we bought our Ironports. Unfortunately, it looks like it's being implemented in a way that makes it impossible for me to deploy at this time.
We have two C350s, and would need the whitelists and blacklists to appear on each box. It appears that I could do this by exporting the database from one machine, transferring it to the other, and then importing it. However, this appears to ONLY be able to be done via the GUI.
This is a showstopper for me, because I do not want to have to log into the Ironport every day to import and export the databases - I would want to automate it. I talked to technical support, and it appears that there is no way to do this via the CLI.
My feature request is this: please consider adding a command that would allow me to remotely force the database to be dumped, and another command to import the database.
Ideally, it would be something like:
safelistconfig dump
safelistconfig import
If that was available, I would make my users a lot happier with this feature. -
I have the latest version of iPhoto and somehow I have lost the ability to use the Apple iPhoto templates for emailing photos. I select my photos, go to Share, go to email, and the templates used to pop up. Now the photos go directly to email. Does anyone know how I can get the templates back?
I encountered the same issue after an upgrade of iPhoto, and it was resolved by clicking on the "iPhoto" button on the menu on the top left of your screen, then "preferences", and in the very first window (General), select the very last pull-down menu "email photos using".
There, you can select various email providers, aol (if set-up), Microsoft outlook, etc... and of course, iPhoto (which should be the very first choice on the pull-down menu).
Select iPhoto, and you will immediately be able to use the templates and make cool cards when emailing your photos from iPhoto.
I hope this helps if your question has not yet been answered. -
6.3.5-003 and 6.1.5-110 for Email is now available.
IronPort Systems is pleased to announce the General Availability
of AsyncOS 6.3.5-003 for Email and a Maintenance Release of
AsyncOS 6.1.5-110 to all customers. These releases apply to all
our Email Security Appliances (C-Series and X-Series) and
Security Management Appliances (M-Series).
New Features, Enhancements, and Fixes in AsyncOS 6.3.5
* New Feature: Image Analysis (Requires Feature Key)
* New Feature: Detailed SMTP Logging
* Enhanced: SPF Content Filter Conditions
* Enhanced: SMTP Routing
* New Hardware Support: Support for the new X1060 and M1060 appliances
* Fixed: Bounce Verification Treats All Bounces As Invalid
* Fixed: DHAP setting is not rejecting recipients
New Features, Enhancements, and Fixes in AsyncOS 6.1.5
* New Hardware support: Support for the new X1060 and M1060 appliances
Please refer to the release notes for upgrade information.There is no mention of New Hardware Support: Support for the new X1060 and M1060 appliances on this link
-
Cisco IronPort AsyncOS 7.0.1-010 for Email GA Notification
Cisco, is pleased to announce the General Availability (GA) of a new major release of AsyncOS 7.0.1-010 for Email to all customers. This release applies to all our Email Security Appliances (C- and X-Series). Code named "Bally's" internally (yes, after the Casino), this release is packed with major new functionality. We have completed our usual, extensive Beta test process as well as a 2 month FCS time period; over 500 customers have already upgraded. Though we always recommend customers test out new releases before upgrading all of your production servers, we have great confidence in this release. Please upgrade and tell us what you think!
Note for Security Management Appliance (SMA) customers. To report on the new features in 7.0.1, you'll need to upgrade your M-Series to AsyncOS 6.7.6-068.
New Features and Enhancements in AsyncOS 7.0.1-010 for Email
New Feature: RSA Email Data Loss Prevention (requires Feature Key)
New Feature: Guaranteed Secure Delivery (requires PXE Encryption Feature Key)
New Feature: Unwanted Marketing Message Detection
Enhanced: Prioritized SMTP Routes
Enhanced: RADIUS Groups and Protocols for External Authentication
Enhanced: Quarantined Messages Attachments Enhancements
Enhanced: PXE Encryption Enhancements
PXE Encryption Enhancements
AsyncOS 7.0 provides the following enhancements to IronPort Email Encryption:
Guaranteed Secure Delivery
Encrypt on Delivery
Encrypt on Quarantine Exit
Multi-Envelope Branding
Automatic PXE Engine Updates
Fixes in AsyncOS 7.0.1-010
Fixed: TLS/SSL Man-in-the-Middle Vulnerability [Defect ID: 55972]
Fixed: Reporting Engine Stops Allocating Memory, Stops Processing Data, and Causes an Application Fault When the Housekeeper Thread Stops [Defect ID: 52048]Thanks!
Since started on Ironport ESA 3 years ago, UCE handling has always be problematic (basically, UCE is never treated as spam).
I hope the new Unwanted Marketing Message Detection feature fixes that!
Maybe you are looking for
-
M Audio Interface and MicroKorg.
I just bought an M audio fast track usb interface. I cant seem to get it to work with my microkorg. everytime i press a key, the lights on the front of the interface light up, but i hear no sound. can someone please help me. thanks
-
On demand database maintenance order
Dear Experts,We have a prod database (databaseA)at 45GB and it contains tables for attachments(documents, images etc) from 7 companies/affiliates. The compressed full backup size is at 35.5 GB. We also maintain diff and trn backups that run on sched.
-
Updating CC 14 wil be a new account
I am already having CC . Can I install CC 14 in same payment plan or it will treated a new ?
-
Hello. I am having difficulty trying to get Apple TV Generation 2 working. It has worked in the past. I have tried an update but get this message THE UPDATE WAS NOT SUCCESSFUL. THE APPLE TV UPDATE COULDN'T BE DOWNLOADED AT THIS TIME. TRY AGAIN L
-
My Apple TV Won't Connect to the Internet!
My Apple TV won't connect to the internet. Everything else in my house does! I've unplugged everything twice and restarted everything twice and still nothing. Any suggestions?