Release Notes for AsyncOS 9.0.

x for
Cisco Web Security Appliances
Published: September 21, 2015
Revised: March 8, 2016

Contents

Whats New, page 1

Release Classification, page 3

Supported Hardware for This Release, page 3

Upgrade Paths, page 4

Pre-Upgrade Requirements, page 6

Installation and Upgrade Notes, page 7

Upgrading AsyncOS for Web, page 11

Important! Actions Required After Upgrading, page 11

Documentation Updates, page 12

Known and Fixed Issues, page 13

Related Documentation, page 15

Support, page 15

Whats New

Whats New in Cisco AsyncOS 9.0.1, page 2

Whats New in Cisco AsyncOS 9.0.0-485 (LD), page 3

Cisco Systems, Inc.

www.cisco.com

Whats New

Whats New in Cisco AsyncOS 9.0.1

Whats New in Cisco AsyncOS 9.0.1-162 (GD), page 2

Whats New in Cisco AsyncOS 9.0.1-161 (GD - for physical appliances only), page 2

Whats New in Cisco AsyncOS 9.0.1-135 (ED), page 2

Whats New in Cisco AsyncOS 9.0.1-162 (GD)

On physical WSA appliances, builds 161 and 162 are identical. A last-minute issue (CSCux56040) was
found with build 161 when installed on virtual WSA appliances. The issue is corrected in build 162.
Feature

Description

Identity Services Engine

(ISE) versions

All versions of ISE up to 2.0 are supported.

Maximum HTTP
Header Size

You can use the CLI command maxhttpheadersize to change the

maximum HTTP header size for proxy requests. Increasing this value
can alleviate Policy Trace failures that can occur when the specified user
belongs to a large number of authentication groups, or when the
response header is larger than the current maximum header size.
Note

This command was actually introduced in AsyncOS 9.0.

Whats New in Cisco AsyncOS 9.0.1-161 (GD - for physical appliances only)
This build can be installed only on physical appliances; see the explanation in the previous section,
Whats New in Cisco AsyncOS 9.0.1-162 (GD).
Feature

Description

Identity Services Engine

(ISE) versions

All versions of ISE up to 2.0 are supported.

Maximum HTTP
Header Size

You can use the CLI command maxhttpheadersize to change the

maximum HTTP header size for proxy requests. Increasing this value
can alleviate Policy Trace failures that can occur when the specified user
belongs to a large number of authentication groups, or when the
response header is larger than the current maximum header size.
Note

This command was actually introduced in AsyncOS 9.0.

Whats New in Cisco AsyncOS 9.0.1-135 (ED)

This is a maintenance release; no new features were added.
See the Fixed issues search in Known and Fixed Issues in Release 9.0.1-135 (ED), page 14 for
additional information.

Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances

Release Classification

Whats New in Cisco AsyncOS 9.0.0-485 (LD)

Feature

Description

Secure ICAP

You can now secure the channel between the appliance and an external
DLP (ICAP) server.

TLS/SSL Configuration

For enhanced security, you can now enable and disable SSL v3 and
various versions of TLS for several services. Disabling SSL v3 for all
services is recommended for best security. You also can enable a
protocol fallback option.

Ciscos Update servers do not support SSL v3, therefore TLS

1.0 or above must be enabled for the Cisco Update service.
However, SSL v3 can still be used with a local update server, if
it is so configuredyou must determine which versions of
SSL/TLS are supported on that server.

Note

Range Request Forwarding

You can now control how incoming range requests are handled, on a
per-policy basis.

Recent log-in information

You can now view a listing of recent appliance access attempts, both
successes and failures, for your user name. When logging in via the CLI,
this information is displayed automatically on log-in. In the Web
interface, click the recent-activity (i or ! for success or failure icon
respectively) in front of the Logged in as entry in the upper right
corner of the application window.

Release Classification
Each release is identified by the release type (ED - Early Deployment, GD - General Deployment, etc.)
For an explanation of these terms, see
http://www.cisco.com/c/dam/en/us/products/collateral/security/web-security-appliance/content-securit
y-release-terminology.pdf.

Supported Hardware for This Release

All virtual appliance models.

The following hardware models:

S170
S370
S670
S680
S380

Some hardware models require a memory upgrade before you can install or upgrade to this AsyncOS
release. For more information, see
http://www.cisco.com/c/en/us/support/docs/field-notices/638/fn63931.html

Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances

Upgrade Paths

Upgrade Paths
Before you start the upgrade process, see Pre-Upgrade Requirements, page 6 and Installation and
Upgrade Notes, page 7.

Upgrading to AsyncOS 9.0.1, page 4

Upgrading to AsyncOS 9.0 (LD - Limited Deployment), page 6

Upgrading to AsyncOS 9.0.1

Upgrading to AsyncOS 9.0.1-162 (GD - General Deployment), page 4

Upgrading to AsyncOS 9.0.1-161 (GD - General Deployment; for physical appliances only), page 4

Upgrading to AsyncOS 9.0.1-135 (ED - Early Deployment), page 5

Upgrading to AsyncOS 9.0.1-162 (GD - General Deployment)

You can upgrade to release 9.0.1-162 for AsyncOS for Cisco Web Security appliances from the
following versions:

7.7.0-761

8.0.0-503

8.5.1-021

8.7.0-172

9.0.0-485

7.7.0-809

8.0.6-078

8.5.2-027

8.8.0-085

9.0.1-135

8.0.7-142

8.5.2-103

9.0.1-144

8.0.7-149

8.5.2-105

9.0.1-161

8.0.7-150

8.5.3-069

8.0.7-151

8.0.7-152

8.0.8-113

8.0.8-118

8.0.8-401

8.1.0-235

Upgrading to AsyncOS 9.0.1-161 (GD - General Deployment; for physical appliances only)
You can upgrade to release 9.0.1-161 for AsyncOS for Cisco Web Security appliances from the
following versions:

Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances

Upgrade Paths

7.7.0-761

8.0.0-503

8.5.1-021

8.7.0-172

9.0.0-485

7.7.0-809

8.0.6-078

8.5.2-027

8.8.0-085

9.0.1-135

8.0.7-142

8.5.2-103

9.0.1-144

8.0.7-149

8.5.2-105

8.0.7-150

8.5.3-069

8.0.7-151

8.0.7-152

8.0.8-113

8.0.8-118

8.0.8-401

8.1.0-235

Upgrading to AsyncOS 9.0.1-135 (ED - Early Deployment)

Caution

If your organization uses time and volume quotas, Cisco does not recommend upgrading to this release.
For information, see https://tools.cisco.com/bugsearch/bug/CSCux58919.
You can upgrade to release 9.0.1-135 for AsyncOS for Cisco Web Security appliances from the
following versions:

7.7.0-761

8.0.0-503

8.5.1-021

8.7.0-172

7.7.0-809

8.0.6-078

8.0.6-119

8.5.2-024

8.8.0-085

8.5.2-027

8.0.7-142

8.5.2-103

8.0.7-149

8.5.2-105

8.0.7-150

8.0.7-151

8.5.3-051

8.0.7-152

8.5.3-064

8.0.8-113

8.0.8-118

8.0.8-401

8.1.0-235

9.0.0-485

Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances

Pre-Upgrade Requirements

Upgrading to AsyncOS 9.0 (LD - Limited Deployment)

You can upgrade to release 9.0.0-485 for AsyncOS for Cisco Web Security appliances from the
following versions:

7.7.0-500

8.0.0-408

8.1.0-235

8.5.0-389

8.7.0-141

9.0.0-324

7.7.0-608

8.0.0-503

8.1.0-245

8.5.0-390

8.7.0-172

9.0.0-326

7.7.0-706

8.5.0-476

9.0.0-465

7.7.0-710

8.0.5-075

8.5.0-497

8.8.0-021

7.7.0-725

8.0.5-079

8.5.0-518

8.8.0-033

7.7.0-736

8.0.5-082

8.8.0-085

7.7.0-744

7.7.0-753

7.7.0-757

8.5.1-019

8.0.6-053

8.5.1-021

8.0.6-078

8.5.1-022

7.7.0-760

8.0.6-101

7.7.0-761

8.0.6-119

8.5.2-027

7.7.0-764

8.0.6-123

8.5.2-103

8.0.6-124

8.0.6-126

7.7.5-190

7.7.5-194

7.7.5-195

8.0.7-142

7.7.5-302

8.0.7-149

7.7.5-311

8.0.7-150

8.0.8-113

Pre-Upgrade Requirements
Update RAID Controller Firmware
Before upgrading the AsyncOS software, update the RAID controller firmware as described in Cisco
Update for RAID Controller Firmware (For S360/S370/S660/S670 only, reboot required) Release Notes.

Check Post-Upgrade Requirements Before Upgrading

Some existing functionality will not work after upgrade until you make changes. To minimize downtime,
familiarize yourself with and prepare for those requirements before upgrading. See Important! Actions
Required After Upgrading.

Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances

Installation and Upgrade Notes

Installation and Upgrade Notes

Compatibility Details

Deploying a Virtual Appliance

Configuration Files

Demo Security Certificate Encryption Strength

Post-Upgrade Reboot

Compatibility Details

Compatibility with Cisco AsyncOS for Security Management

IPv6 and Kerberos Not Available in Cloud Connector Mode

Functional Support for IPv6 Addresses

Availability of Kerberos Authentication for Operating Systems and Browsers

Compatibility with Cisco AsyncOS for Security Management

For compatibility between this release and AsyncOS for Cisco Content Security Management releases,
see the compatibility matrix at:
http://www.cisco.com/c/en/us/support/security/content-security-management-appliance/products-relea
se-notes-list.html.

IPv6 and Kerberos Not Available in Cloud Connector Mode

When the appliance is configured in Cloud Connector mode, unavailable options for IPv6 addresses and
Kerberos authentication appear on pages of the web interface. Although the options appear to be
available, they are not supported in Cloud Connector mode. Do not attempt to configure the appliance
to use IPv6 addresses or Kerberos authentication when in Cloud Connector mode.

Functional Support for IPv6 Addresses

Features and functionality that support IPv6 addresses:

Command line and web interfaces. You can access WSA using http://[2001:2:2::8]:8080 or
https://[2001:2:2::8]:8443

Performing Proxy actions on IPv6 data traffic (HTTP/HTTPS/SOCKS/FTP)

IPv6 DNS Servers

WCCP 2.01 (Cat6K Switch) and Layer 4 transparent redirection

Upstream Proxies

Authentication Services
Active Directory (NTLMSSP, Basic, and Kerberos)
LDAP
SaaS SSO

Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances

Installation and Upgrade Notes

Transparent User Identification through CDA (communication with CDA is IPv4 only)
Credential Encryption

Web Reporting and Web Tracking

External DLP Servers (communication between WSA and DLP Server is IPv4 only)

PAC File Hosting

Features and functionality that require IPv4 addresses:

Internal SMTP relay

External Authentication

Log subscriptions push method: FTP, SCP, and syslog

NTP servers

Local update servers, including Proxy Servers for updates

Authentication services

AnyConnect Security Mobility

Novell eDirectory authentication servers

Custom logo for end-user notification pages

Communication between the Web Security appliance and the Security Management appliance

WCCP versions prior to 2.01

SNMP

Availability of Kerberos Authentication for Operating Systems and Browsers

You can use Kerberos authentication with these operating systems and browsers:

Windows servers 2003, 2008, 2008R2 and 2012

Latest releases of Safari and Firefox browsers on Mac (OSX Version 10.5+)

IE (Version 7+) and latest releases of Firefox and Chrome browsers on Windows 7 and XP.

Kerberos authentication is not available with these operating systems and browsers:

Windows operating systems not mentioned above

Browsers not mentioned above

iOS and Android

Deploying a Virtual Appliance

To deploy a virtual appliance, see the Cisco Content Security Virtual Appliance Installation Guide,
available from
http://www.cisco.com/c/en/us/support/security/web-security-appliance/products-installation-guides-lis
t.html.

Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances

Installation and Upgrade Notes

Migrating from a Hardware Appliance to a Virtual Appliance

Step 1

Set up your virtual appliance with this AsyncOS release using the documentation described in Deploying
a Virtual Appliance, page 8.

Step 2

Upgrade your hardware appliance to this AsyncOS release.

Step 3

Save the configuration file from your upgraded hardware appliance.

Step 4

Load the configuration file from the hardware appliance onto the virtual appliance.
If your hardware and virtual appliances have different IP addresses, deselect Load Network Settings
before loading the configuration file.

Step 5

Commit your changes.

Step 6

Go to Network > Authentication and join the domain again. Otherwise identities wont work.

Configuration Files
When you upgrade AsyncOS for Web from the web interface or Command Line Interface (CLI), the
configuration is saved to file in the /configuration/upgrade directory. You can access the upgrade
directory using an FTP client. Each configuration file name is appended with the version number, and
passwords in the configuration file are masked so they are not human readable.
Generally, configuration files from earlier AsyncOS releases are incompatible with later AsyncOS
releases and vice-versa.

Demo Security Certificate Encryption Strength

The encryption strength of the demo security certificate is 1024 bits both before and after upgrade to
AsyncOS 8.5 and later.

Post-Upgrade Reboot
You must reboot the Web Security appliance after you upgrade AsyncOS for Web.

Changes in Behavior
This section describes changes in behavior from previous versions of AsyncOS for Web that may affect
the appliance configuration after you upgrade to the latest version.

Special Characters No Longer Allowed in Regular Expressions

You can no longer use .* to begin or end a regular expression. You also cannot use ./ in a regular
expression intended to match a URL, nor can you end such an expression with a dot.

Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances

Installation and Upgrade Notes

Special Characters Allowed in Active Directory User Names

Prior to AsyncOS 9.0, attempts to join an Active Directory domain with a user name that included special
characters would produce an error. Now the following special characters can be used in domain user
names: ` ~ ( ) { } ! # ^ _ $ & (however, note that % is not yet supported).

Limit on Number of Concurrent Sessions

Beginning in AsyncOS 8.5, individual users are limited to a maximum of 10 concurrent sessions; this
total includes both CLI and Web interface sessions.

List of Available Upgrades

Beginning in AsyncOS 8.5, all available releases appear in the list of available upgrades, including
releases that would previously have been provisioned only to a limited number of customers as a limited
release.
Each release in the list is identified by the release type (ED - Early Deployment, GD - General
Deployment, MD - Maintenance Deployment, etc.) For an explanation of these terms, see
http://www.cisco.com/c/dam/en/us/products/collateral/security/web-security-appliance/content-securit
y-release-terminology.pdf.

Support Requests Require CCO ID and Support Contract

Beginning in AsyncOS 8.5, in order to open a support request from the appliance, you must enter a CCO
ID and a support contract ID.

New Certificate Management Page

Beginning in AsyncOS 8.5, certificate management functionality has been moved from the Security
Services > HTTPS Proxy page to a new, stand-alone page: Network > Certificate Management.

Exporting Web Tracking Data

Previously, when exporting web tracking data as CSV, the data was sorted by timestamp. Beginning in
AsyncOS 8.5, this data is not sorted.

SNMP Monitoring
Beginning in AsyncOS 8.5, the following functionality is different from previous implementations:
Message authentication and encryption are mandatory when enabling SNMPv3. Passwords for
authentication and encryption should be different. The encryption algorithm can be AES (recommended)
or DES. The authentication algorithm can be SHA-1 (recommended) or MD5.

X-Authenticated-Groups Header Format

Beginning in AsyncOS 8.5, if LDAP authentication and External Data Loss Prevention are configured
on the appliance, AsyncOS sends the X-Authenticated-Groups header in this format:
LDAP://(LDAP server name)/(groupname).

Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances

10

Upgrading AsyncOS for Web

Previously, the format was LDAP://(groupname). This software change may require changes to policies
or other automation relying on the X-Authenticated-Groups header. [Defect: CSCum91801]

Upgrading AsyncOS for Web

Before You Begin

Perform preupgrade requirements, including updating the RAID controller firmware. See
Pre-Upgrade Requirements, page 6.

Log in as Administrator.

Step 1

On the System Administration > Configuration File page, save the XML configuration file off the Web
Security appliance.

Step 2

On the System Administration > System Upgrade page, click Available Upgrades.
The page refreshes with a list of available AsyncOS for Web upgrade versions.

Step 3

Click Begin Upgrade to start the upgrade process. Answer the questions as they appear.

Step 4

When the upgrade is complete, click Reboot Now to reboot the Web Security appliance.

Note

To verify the browser loads the new online help content in the upgraded version of AsyncOS, you must
exit the browser and then open it before viewing the online help. This clears the browser cache of any
outdated content.
New features are typically not enabled by default.

Important! Actions Required After Upgrading

In order to ensure that your appliance continues to function properly after upgrade, you must address the
following items:

Virtual Appliances: Required Changes for SSH Security Vulnerability Fix

Requirements in this section were introduced in AsyncOS 8.8.
The following security vulnerability will be fixed during upgrade if it exists on your appliance:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport.
If you did not patch this issue before upgrading, you will see a message during upgrade stating that it
has been fixed. If you see this message, the following actions are required to return your appliance to
full working order after upgrade:

Remove the existing entry for your appliance from the known hosts list in your ssh utility. Then ssh
to the appliance and accept the connection with the new key.

If you use SCP push to transfer logs to a remote server (including Splunk): Clear the old SSH host
key for the appliance from the remote server.

If your deployment includes a Cisco Content Security Management Appliance, see important
instructions in the Release Notes for that appliance.

Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances

11

Documentation Updates

File Analysis: Required Changes to View Analysis Result Details in the Cloud
The requirement in this section was introduced in AsyncOS 8.8.
If you have deployed multiple content security appliances (web, email, and/or management) and you
want to view detailed file analysis results in the cloud for all files uploaded from any appliance in your
organization, you must configure an appliance group on each appliance after upgrading. To configure
appliance groups, see the File Reputation Filtering and File Analysis chapter in the user guide PDF.
(This PDF is more current than the online help in AsyncOS 8.8.)

File Analysis: Verify File Types To Be Analyzed

The File Analysis cloud server URL changed in AsyncOS 8.8, and as a result, the file types that can be
analyzed may have changed after upgrade. You should receive an alert if there are changes. To verify the
file types selected for analysis, select Security Services > Anti-Malware and Reputation and look at
the Advanced Malware Protection settings.

Upgrading from non-ISE Releases and AsyncOS 8.5 with ISE Preview
All AsyncOS versions that did not include ISE support (that is, all versions prior to 8.5.0-497), and the
limited-availability AsyncOS 8.5 ISE Preview release, did not require the Admin and pxGrid
certificates, which are necessary in all subsequent Cisco AsyncOS releases in order to enable ISE
support. Therefore, when you upgrade from a non-ISE release, or from an ISE Preview installation with
ISE enabled, the ISE feature will not operate correctly until the two additional certificates are provided
(go to Network > Identity Services Engine).

Unescaped Dots in Regular Expressions

Following upgrades to the regular-expression pattern-matching engine, you may receive an alert
regarding unescaped dots in existing pattern definitions after updating your system. Any unescaped dot
in a pattern that will return more than 63 characters after the dot will be disabled by the Velocity
pattern-matching engine, and an alert to that effect will be sent to you, and you continue to receive an
alert following each update until you correct or replace the pattern. Generally, unescaped dots in a larger
regular expression can be problematic and should be avoided.

Documentation Updates
The following information supplements information in the Online Help and/or User Guide for this release.

Adding JavaScript to End-user Notifications

If you need to add standard JavaScript to end-user notifications of any type, follow instructions in the
user guide or online help for editing notification page HTML files. (JavaScript entered into the Custom
Message box for notifications in the web user interface will be stripped out.) Be sure to test your script
first in supported client browsers to ensure that it works as expected.

Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances

12

Known and Fixed Issues

Which Files Can Have their Reputation Evaluated and Be Sent for Analysis?
The criteria for evaluating a files reputation and for sending files for analysis may change at any time.
Criteria are available only to registered Cisco customers. See File Criteria for Advanced Malware
Protection Services for Cisco Content Security Products, available from
http://www.cisco.com/c/en/us/support/security/web-security-appliance/products-user-guide-list.html.
In order to access this document, you must have a Cisco customer account with a support contract. To
register, visit https://tools.cisco.com/RPF/register/register.do.

Viewing File Analysis Details in the Cloud

The most current instructions for configuring this functionality are in the user guide PDF, available from
http://www.cisco.com/c/en/us/support/security/web-security-appliance/products-user-guide-list.html.

Additional Information
The User Guide PDF may be more current than the online help. To obtain the User Guide PDF and other
documentation for this product, click the View PDF button in the online help or visit the URL shown in
Related Documentation, page 15.

Known and Fixed Issues

Use the Cisco Bug Search Tool to find information about known and fixed defects in this release.

Bug Search Tool Requirements, page 13

Lists of Known and Fixed Issues, page 13

Finding Information about Known and Resolved Issues, page 14

Bug Search Tool Requirements

Register for a Cisco account if you do not have one. Go to
https://tools.cisco.com/RPF/register/register.do.

Lists of Known and Fixed Issues

Known and Fixed Issues in Release 9.0.1-162 (GD), page 14

Known and Fixed Issues in Release 9.0.1-161 (GD - for physical appliances only), page 14

Known and Fixed Issues in Release 9.0.1-135 (ED), page 14

Known and Fixed Issues in Release 9.0.0-485 (LD), page 14

Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances

13

Known and Fixed Issues

Known and Fixed Issues in Release 9.0.1-162 (GD)

Fixed Issues

https://tools.cisco.com/bugsearch/search?kw=*&pf=prdNm&pfVal=282521310&rls
=9.0.1-162&sb=fr&svr=3nH&srtBy=byRel&bt=custV

Known Issues

https://tools.cisco.com/bugsearch/search?kw=*&pf=prdNm&pfVal=282521310&rls
=9.0.1&sb=afr&sts=open&svr=3nH&srtBy=byRel&bt=custV

Known and Fixed Issues in Release 9.0.1-161 (GD - for physical appliances only)
Fixed Issues

https://tools.cisco.com/bugsearch/search?kw=*&pf=prdNm&pfVal=282521310&rls
=9.0.1-161&sb=fr&svr=3nH&srtBy=byRel&bt=custV

Known Issues

https://tools.cisco.com/bugsearch/search?kw=*&pf=prdNm&pfVal=282521310&rls
=9.0.1&sb=afr&sts=open&svr=3nH&srtBy=byRel&bt=custV

Known and Fixed Issues in Release 9.0.1-135 (ED)

Fixed Issues

https://tools.cisco.com/bugsearch/search?kw=*&pf=prdNm&pfVal=282521310&rls
=9.0.1-135&sb=fr&svr=3nH&srtBy=byRel&bt=custV

Known Issues

https://tools.cisco.com/bugsearch/search?kw=*&pf=prdNm&pfVal=282521310&rls
=9.0.1&sb=afr&sts=open&svr=3nH&srtBy=byRel&bt=custV

Known and Fixed Issues in Release 9.0.0-485 (LD)

Fixed Issues

https://tools.cisco.com/bugsearch/search?kw=*&pf=prdNm&pfVal=282521310&rls
=9.0.0-485&sb=fr&svr=3nH&srtBy=byRel&bt=custV

Known Issues

https://tools.cisco.com/bugsearch/search?kw=*&pf=prdNm&pfVal=282521310&rls
=9.0.0&sb=anfr&sts=open&srtBy=byRel&bt=custV

Finding Information about Known and Resolved Issues

Use the Cisco Bug Search Tool to find the most current information about known and resolved defects
in shipping releases.
Before You Begin

Register for a Cisco account if you do not have one. Go to

https://tools.cisco.com/RPF/register/register.do.
Procedure
Step 1

Go to https://tools.cisco.com/bugsearch/.

Step 2

Log in with your Cisco account credentials.

Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances

14

Related Documentation

Step 3

Click Select from list > Security > Web Security > Cisco Web Security Appliance, and click OK.

Step 4

In Releases field, enter the version of the release, for example, 8.8.

Step 5

Depending on your requirements, do one of the following:

Note

To view the list of resolved issues, select Fixed in these Releases from the Show Bugs drop down.

To view the list of known issues, select Affecting these Releases from the Show Bugs drop down
and select Open from the Status drop down.

If you have questions or problems, click the Help or Feedback links at the top right side of the tool.
There is also an interactive tour; to view it, click the link in the orange bar above the search fields.

Related Documentation
Documentation for this product is available from
http://www.cisco.com/c/en/us/support/security/web-security-appliance/tsd-products-support-series-ho
me.html.
Documentation for Cisco Content Security Management Appliances is available from
http://www.cisco.com/c/en/us/support/security/content-security-management-appliance/tsd-products-s
upport-series-home.html.

Support
Cisco Support Community
Cisco Support Community is an online forum for Cisco customers, partners, and employees. It provides
a place to discuss general web security issues as well as technical information about specific Cisco
products. You can post topics to the forum to ask questions and share information with other Cisco users.
Access the Cisco Support Community for web security and associated management:
https://supportforums.cisco.com/community/5786/web-security

Customer Support
Note

To get support for virtual appliances, call Cisco TAC and have your Virtual License Number (VLN)
number ready.
Cisco TAC: Visit http://www.cisco.com/en/US/support/tsd_cisco_worldwide_contacts.html
Support Site for legacy IronPort: Visit http://www.cisco.com/web/services/acquisitions/ironport.html.
For non-critical issues, you can also access customer support from the appliance. For instructions, see
the User Guide or online help.

Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances

15

Support

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of
Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The
use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any
examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only.
Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
2016 Cisco Systems, Inc. All rights reserved.

Release Notes for AsyncOS 9.0.x for Cisco Web Security Appliances

16