Cisco IronPort Encryption Appliance 6.5.5 Release Notes



Similar documents
Cisco Registered Envelope Recipient Guide

Release Notes for Cisco IronPort Security Plug-in 7.2

Configuring Cisco Unified Communications Manager for the NovaTec TransNova S3 Voice Gateway

Terminal Services Overview

Release Notes for Cisco IronPort Security Plug-in 7.1

Cisco Unified Attendant Console Backup and Restore Guide

Transferring Files Using HTTP or HTTPS

Cisco 100-Megabit Ethernet SFP Modules Compatibility Matrix

Release Notes for Cisco Support Tools Release 2.4(1)

Cisco Unified Wireless IP Phone 7925G Accessory Guide

System Message Logging

Cisco Director Class SAN Planning and Design Service

Cisco Unified Wireless IP Phone 7925G Accessory Guide

Cisco Network Planning Solution Documentation Guide and Supplemental License Agreement

Cisco Registered Envelope Recipient Guide

Connecting Cisco Fast Ethernet ISDN PRI Network Modules to the Network

PCI Compliance: Improve Payment Security

Cisco Registered Envelope Service 4.3 Recipient Guide

Connecting Cisco Serial High-Speed WAN Interface Cards

Cisco Registered Envelope Service 4.4 Recipient Guide

Cisco Data Center Business Continuity Planning Service

Cipher Suites and WEP

Cisco Aironet Dual Band MIMO Low Profile Ceiling Mount Antenna (AIR-ANT2451NV-R)

Accessibility Guidelines for Cisco Unified Contact Center Management Portal

Cisco IronPort Hosted and Hybrid Hosted Security Services

Cisco Smart Care Services Questions and Answers About the Voice Quality Monitor Service

L2TP Dial-Out Load Balancing and Redundancy

Cisco Data Center Virtualization Assessment Service

Cisco IP Phone 7961G/7961G-GE and 7941G/7941G-GE Enhancements

Cisco Data Center Architecture Assessment Service

Configuring the SA 500 for Active Directory Authentication of VPN Clients 2. Establishing a SSL VPN Connection By Using a Different Port Number 35

How to Register, Start, and Access a Cisco Online Exam

Hardware and System Software Specification for Cisco Unified Web and Interaction Manager

Release Notes for the Cisco WAN Modeling Tools, Release Patch 1

User Guide for Cisco Unified MeetingPlace Web Conferencing

Constraining IP Multicast in a Switched Ethernet Network

Cisco OC-3/OC-12/OC-48 SFP Transceiver Modules Compatibility Matrix

White Paper: Active Directory Capacity Planning (Cisco Unity Versions 4.x, 3.1, and 3.0(3) and Later with Microsoft Exchange)

Cisco Unified Contact Center Express Port Utilization Guide

Cisco Unified Reporting Administration Guide

Cisco Router and Security Device Manager File Management

Upgrading to the Cisco ubr7246vxr Universal Broadband Router

Cisco Cloud Security: Choosing the Right Security Deployment

Cisco 10-Gigabit Ethernet Transceiver Modules Compatibility Matrix

Cisco 10-Gigabit Ethernet Transceiver Modules Compatibility Matrix

Authentication on the Cisco IronPort Web Security Appliance

Installation Guide for Cisco Unified ICM/Contact Center Enterprise and Hosted Release 9.0(1)

How To Create A Security Solution For Retail Banking

Implementation Note for NetFlow Collectors

This feature was introduced. This feature was integrated in Cisco IOS Release 12.2(11)T.

Installation and Configuration Guide Cisco Unified CRM Connector for SAP

Cisco Virtual Desktop Infrastructure Planning and Design Service

Disaster Recovery System Administration Guide for Cisco Unified Presence Server Release 1.0(3)

Medical Data Exchange A New Approach to Healthcare Interoperability

Cisco Aironet 5-GHz MIMO 6-dBi Patch Antenna (AIR-ANT5160NP-R)

FIPS Level 1 Security Policy for Cisco Secure ACS FIPS Module

Data Center Infrastructure Design Guide 2.1 Readme File

Integrating CAD with Thin Client and Virtual Desktop Environments

Cisco Aironet 5-dBi Omnidirectional Antenna (AIR-ANT2450V-N)

Calling Name Delivery (CNAM)

Cisco Unified Communications Express Historical Reporting Client Configuration Guide

FXO, FXS, and E&M Voice Interface Card Support on Cisco 1700 Series Routers

Danish Train Operator Gets Customer Service Back On Track

Cause Codes and Debug Values

InformaCast Virtual Appliance Basic Paging

Cisco Smar t Busines s Communications System IP Phone Por tfolio

Course Booklet. CCNA Discovery Networking for Home and Small Businesses. Version 4.0. ciscopress.com

User Guide for Cisco Unified MeetingPlace Web Conferencing

Best Practices for Monitoring Cisco Unity Devices with Cisco Unified Operations Manager

Installation Guide for Cisco Unified Call Services, Universal Edition and Unified Call Studio

Securing Manufacturing Computing and Controller Assets

Cisco Unified Contact Center Express Installation Guide

Cisco Unified CME B-ACD and Tcl Call-Handling Applications

Release Notes for Cisco IronPort AsyncOS for

Release Notes for Cisco IronPort Security Plug-in 7.3.1

Cisco Unified CallConnector for Microsoft Office Troubleshooting Guide

CISCO SMALL AND MEDIUM BUSINESS CLASS VOICE SOLUTIONS: CISCO CALLMANAGER EXPRESS BUNDLES

Cisco IPICS Dispatch Console User Guide

Cisco Router and Security Device Manager USB Storage

Analog Channel Re-Creation Using the Digital Service Access Node

Cisco IronPort M-Series Security Management Appliance

Cisco Small Form-Factor Pluggable Modules for Gigabit Ethernet Applications

Production Software Within Manufacturing Reference Architectures

ICM Administration Guide for Cisco Unified ICM/Contact Center Enterprise & Hosted

Installing and Configuring External Flash Memory Cards in Cisco 3600 Series Routers

User Guide Cisco Unified MeetingPlace Express Release 2.0

Installation Guide for Cisco Unified Videoconferencing Manager Release 7.1

Release Notes for Cisco IronPort AsyncOS for

Cisco Unified Workforce Optimization

Cisco Unified Web and Interaction Manager Knowledge Base Author s Guide

Transcription:

Cisco IronPort Encryption Appliance 6.5.5 Release Notes Published: August 30, 2011 Contents These release notes contain important information about running the latest version of the IronPort Encryption Appliance: What s New. This section describes new features introduced in this release. See What s New, page 1. Fixed Issues. This section describes the issues that were fixed in this release. See Fixed Issues, page 1. Known Limitations. This section describes known limitations in this release. See Known Limitations, page 3. Patch Installation Instructions. This section provides patch installation instructions for this release. See Patch Installation Instructions, page 4. Service and Support. This section provides information on obtaining service and support for your Cisco IronPort Encryption Appliance. See Service and Support, page 5. What s New This release focuses on fixing known issues and does not introduce new features. Fixed Issues The following table includes descriptions of fixed issues in the latest version of the Cisco IronPort Encryption Appliance. Americas Headquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA

Fixed Issues Table 1 Fixed Issues for the Cisco IronPort Encryption Appliance version 6.5.5 65895 Fixed: TLS security advisory An industry-wide vulnerability existed in the Transport Layer Security (TLS) protocol that could impact any Cisco product that used any version of TLS and SSL. The vulnerability existed in how the protocol handled session renegotiation and exposed users to a potential man-in-the-middle attack (This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20091109-tls.shtml). This issue has been addressed for the Cisco IronPort Encryption Appliance. 65937 Fixed: Improved robustness for handling websafe properties files containing modifications Fixed an issue in which when performing an upgrade, the upgrader was not designed to handle Websafe properties files which were modified. 71729 Fixed: Socket exception information In the previous releases, the following socket exception was reported at ERROR level: ERROR [org.apache.tomcat.util.net.pooltcpendpoint] Remote Host /<IP Address> SocketException: Connection reset Now, if there is a socket exception when a server is restarted, the exception is displayed as INFO along with the stack trace. 74875 Fixed: Cannot Open Certain Envelopes on IE7 Fixed an issue in which CRES users were unable to open envelopes, and corrupted message error displayed under the following circumstances: If the envelope had one or more attachments The envelope was large Java was not installed on the user machine 75445 Fixed: Login error erroneously informs customer the account is blocked Fixed an issue in which a blocked account error message displayed for a suspended account. Because the steps to remedy a blocked account are different from the ones used to remedy a suspended account, the message may have caused difficulty in re-instating the account. 75478 Fixed: Disable/Enable the Java-based File Transfer Applet (Uploader Applet) From the GUI Once the Cisco IronPort Encryption appliance is upgraded to version 6.5.5, Java-based File Transfer Applet (Uploader Applet) will be disabled by default. To modify this setting, go to Admin UI -> Configuration -> Globals, 'Enable File Transfer Applet'. 75516 Fixed: Java errors may occur when using the Java-based File Transfer Applet (Uploader Applet) In some situations, a null pointer exception error occurred when using the Java-based File Transfer Applet (Uploader Applet) to upload attachments. This issue has been addressed. 75613 Fixed: Updated version of JRE Updated the JRE version to 1.5.0.30. 75872 Fixed: Envelope Opener Applet does not load on first attempt on Internet Explorer 8 Fixed an issue in which when opening a secure envelope with an attachment for the first time, an error message displays and the message cannot be opened. 2

Known Limitations Table 1 Fixed Issues for the Cisco IronPort Encryption Appliance version 6.5.5 (continued) 75892 Fixed: Database table size issues may occur when tracking is enabled Fixed an issue in which the T_TRACKINGRECIPS table was not cleaned up by the Tracking Cleanup scheduled task, possibly leading to excessive database size. Now the table is cleaned up by the Tracking Cleanup scheduled task. 76981 Fixed: Attempting to resend undelivered secure messages fails Fixed an issue in which attempting to resend undelivered secure messages failed. This occurred when the message delivery failed, and bounced messages were treated as errors rather than temporary failures. 77686 Fixed: Updated version of OpenSSH Updated the OpenSSH version to openssh-4.3p2-72.el5_6.3 to fix the security vulnerability listed in CVE-2008-5161. Known Limitations The following table includes descriptions of known issues in the latest version of the Cisco IronPort Encryption Appliance. Table 2 Known Issues for the Cisco IronPort Encryption Appliance version 6.5.5 79216 The Forget Me on this Computer field not present when the Remember Me checkbox is checked and message is opened via the Open Online link When decrypting a message using the Open Online link while the Remember Me checkbox is checked, the Forget Me on this Computer link is not present. Workaround: Uncheck the Remember Me on this computer checkbox or delete the cookie manually. 62168 Unable to modify some users whose account name contains special characters After entering a new user whose account name contains special characters, an error may appear stating that the user information cannot be modified. 72907 Temporary files are not removed if the application server is restarted before the user session times out When opening an envelope, temporary files that are created do not get removed if the application server is restarted before the user session times out. This can cause memory problems if the temporary directory becomes large. 72918 SMTP adapter is dependent upon scheduler service The Scheduler Service must start before the SMTP adaptor can start. The SMTP adapter is responsible for processing mail, so email may not be sent or received. This dependency can be removed through manual configuration. Please contact customer support if you encounter this problem. This issue will be resolved in a later release. 73127 When attempting to attach multiple files using the Java-based File Transfer Applet (Uploader Applet), clicking the Remove button causes the page to reset and attachments are lost When attempting to attach multiple files to an encrypted message, if you click the Remove button, this causes the page to reset and all attachments to be lost. 3

Patch Installation Instructions Table 2 Known Issues for the Cisco IronPort Encryption Appliance version 6.5.5 (continued) 73128 When attempting to attach files using the Java-based File Transfer Applet (Uploader Applet), clicking the Done button while file uploads are in progress aborts any uploads in progress When attempting to attach files to an encrypted message, clicking the Done button causes the process to abort, and changes are lost. 76309 Individual file size limits are not checked when uploading files When uploading files during message composition, the individual file size is not checked. However, total message size limits are still working as expected. For example if the file size limit is 25 MB per file, and 50 MB for the total message size, the Cisco IronPort Encryption appliance would allow you to upload a 30 MB file, but it would not allow the total message size to exceed 50 MB. 76705 Java-based File Transfer Applet (Uploader Applet) does not warn when attachment process is aborted When adding attachments using the Java-based File Transfer Applet (Uploader Applet), if the Done button is clicked before the files finish uploading, the files do not get attached and no warning displays to notify customers that the files are not attached. 76719 Large file support attachment names with UTF-8 characters display incorrectly When opening a LFS attachment, attachment names with UTF-8 characters display incorrectly when the recipient opens the envelope. Patch Installation Instructions Follow the instructions below to obtain and install the patch. Pre-installation Requirements Before you upgrade to the 6.5.5 version of the Cisco IronPort Encryption Appliance, verify that the appliance meets the following requirements: Shell Access on Cisco IronPort Encryption Appliance. You must have access to the shell for the Cisco IronPort Encryption Appliance. For more information, refer to Chapter 1, Setting Up the Cisco IronPort Encryption Appliance, in the Cisco IronPort Encryption Appliance 6.5 Installation Guide. Version. You must have one of the following versions of the Cisco IronPort Encryption Appliance: 6.5.2 6.5.2.1 6.5.2.2 6.5.3 6.5.3.1 6.5.4 6.5.4.1 To verify the version, log into the appliance at the CentOS command prompt, and select option a - About from the main menu. 4

Service and Support Internet access from Cisco IronPort Encryption Appliance. You must be able to access the Internet from the Cisco IronPort Encryption Appliance. Internet access is required to download the tools that are necessary to install the patch. Installation Steps Step 1 Step 2 Step 3 Use the following command to copy the software patch from the IronPort Support Portal to your appliance: scp checksum_iea_6.5.2x_6.5.3x_6.5.4x-6.5.5_patch.sh admin@<iea IP Address>: Use SSH to connect to the appliance. ssh admin@<iea IP Address> At the main menu, enter option x to exit to the Unix command prompt. Note The x option is a hidden command and does not appear in the list of menu options Step 4 Step 5 Step 6 Use the following command to install the patch: sh./checksum_iea_6.5.2x_6.5.3x_6.5.4x-6.5.5_patch.sh Type exit to return to the main menu for the Cisco IronPort Encryption Appliance. To verify that the patch was properly installed, select option a - About from the main menu. If the patch installation was successful, the software version number is displayed as version 6.5.5. Service and Support You can request support by phone, email, or online 24 hours a day, 7 days a week. During customer support hours (24 hours per day, Monday through Friday excluding U.S. holidays), an engineer will contact you within an hour of your request. To report a critical issue that requires urgent assistance outside of our office hours, please contact Cisco IronPort using one of the following methods: U.S. toll-free: 1 (877) 641-4766 International: http://cisco.com/web/ironport/contacts.html Support Portal: http://cisco.com/web/ironport/index.html CCDE, CCENT, Cisco Eos, Cisco Lumin, Cisco Nexus, Cisco StadiumVision, Cisco TelePresence, the Cisco logo, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iphone, iq Expertise, the iq logo, iq Net Readiness Scorecard, iquick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this document or Website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0807R) 5

Service and Support Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental. 2011 Cisco Systems, Inc. All rights reserved. 6

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information