Cisco heeft een firmware-update uitgebracht voor haar Email Security Appliances, die afgekort worden tot ESA. De techniek stamt af van IronPort Systems, dat in 2007 door Cisco werd gekocht. Hoewel dat dus al meer dan een anderhalf decennium geleden is, hoor je ook nog steeds de naam IronPort terugkomen voor deze appliances. Voor de ondersteunde upgrade paths is het raadzaam om de documentatie door te nemen of om contact op te nemen met Cisco’s TAC. Deze firmware heet 14.2.1 en kent 14.2.1-020 als exact versienummer; hiermee worden ook de recente sql-injectie- en http-response-header-injectie-problemen mee aangepakt. De lijst met vernieuwingen ziet er als volgt uit: What’s New in AsyncOS 14.2.1 Using only User-defined Passphrases to open Password-protected Attachments. From this release onwards, you can choose to use only the user-defined passphrases created in your email gateway to open password-protected attachments in incoming and outgoing messages. Sender Maturity. In this release, the legacy Sender Domain Reputation (SDR) Domain Age functionality is replaced with Sender Maturity. Sender Maturity is an important feature to establish sender reputation. Sender Maturity is automatically generated for spam classification based on multiple sources of information and can differ from “Whois-based domain age.” Sender Maturity represents the Cisco Talos view of how mature a domain is as an email sender. The maturity value is tuned to enable threat detection regarding emails and generally does not reflect the domain age represented in “Whois-based domain age.” Sender Maturity is set to a limit of 30 days, and beyond this limit, a domain is considered mature as an email sender, and no further details is provided. Sender Maturity is used to calculate the sender reputation. Immature domains are assigned lower reputation. Cisco Talos recommends you rely on sender reputation only for determining policy actions. Sender Maturity is exposed to fine-tune filters for specific, non-standard scenarios. Sender Domain Reputation Filtering Improvements. In this release, the user experience and overall quality of the Sender Domain Reputation (SDR) service is enhanced with performance improvements, increased availability, and deployment of SDR. New Sender Domain Reputation Verdicts. From this release onwards, the Sender Domain Reputation (SDR) verdicts are updated to accurately reflect the intended meaning and recommended usage. During the upgrade, the system automatically updates the Sender Domain Reputation message or content filter configurations to reflect the new verdicts. Make sure you review and configure the message or content filters accordingly. For more information about the recommended actions, you can take for each new SDR verdict, see the “SDR Verdicts” section in the “Sender Domain Reputation Filtering” chapter of the user guide. After you upgrade to AsyncOS 14.2.x release, the legacy SDR verdicts in the content or message filters, reporting, and message tracking are replaced with the new SDR verdicts as follows: