Cisco ESA / Ironport / AsyncOS "vault service" - what is that?

HakanT
Visitor

Hello all,

with AsyncOS Release 15.5.1 Cisco announced:

"Your email gateway now monitors the Vault service and keeps track of its status, whether it is initialized or not. It also sends appropriate alert messages and logs status information into error_logs."

https://www.cisco.com/c/dam/en/us/td/docs/security/esa/esa15-5-1/release_notes/Secure_Email_15-5_Release_Notes.pdf

I have never heard about something called a "vault service", and I cannot find any information about it, neither in any documentation nor in the ESA training material. What is this service for, and is there any GUI menu or CLI command to view its status and settings?

Thank you in advance / best regards


This is my understanding based on a Google search:

A "Cisco Email Vault" refers to a feature within Cisco's email security system that essentially acts as an email archive, allowing organizations to store and readily access past emails for compliance, legal discovery, or auditing purposes, while also providing robust security controls to protect sensitive information within those archived emails; it essentially functions as a centralized repository for historical email data.

But, since this is not documented, you should open a TAC CASE and ask, and also push for documentation.


Here's an answer I got from the WebEx Email space...

DR: Looks like an internal service to store all kinds of credentials in a secure and encrypted way, maybe related to FIPS mode?

AT: Yes, it is an internal system or component. Not accessible as a tool for ESA customers, but in case there are errors with it, we have given some high-level guidance in the release notes.

Nobody was very forthcoming with a "real" answer...


Vault was implemented to meet security standards for the ESA/SMA under CSDL (Cisco Secure Development Lifecycle).
It is utilized to keep internally stored passwords secure from vulnerability and penetration.

What passwords? Throughout the ESA/SMA, each feature and function has its own microenvironment that utilizes passwords to communicate between internal services. When viewing these directories and files, the passwords are presented as strings of alphanumeric values. This is internal Cisco-restricted through the remote tunnel access.

This is a very basic explanation.
The reason a very forthcoming explanation has not been provided is the topic is abstract and difficult to explain to an audience without knowledge of the internal design of the appliance.

I hope this is helpful,
Chris A.

The right suggestion was appropriate, and I don't see any issue, for the following reasons:

1) If it is supposed to be a feature that is hidden, as the other poster suggests, for CSDL, then all references should be removed so as not to confuse customers.

2) If there is a reference that is required, then there should be some basic documentation mentioning that it is an internal implementation and that there is no customer interaction. Otherwise it is going to create confusion.

Again, I suggest opening a TAC case so that a documentation bug can be raised to document this in the right way, or at least the release notes can be edited to clarify this.

HakanT
Visitor

Thank you all for the numerous answers. I opened a TAC case, the answer was:

Please note that the vault is designed to keep your passwords and private keys safe. When viewing these directories and files, the passwords are presented as strings of alphanumeric values.

The service can only be monitored as explained in release notes:

https://www.cisco.com/c/dam/en/us/td/docs/security/esa/esa15-5-1/release_notes/Secure_Email_15-5_Release_Notes.pdf

I have checked and couldn't find any documentation explaining it in detail; the only thing is that we can monitor the service in the ESA.

Please let me know if you prefer to open a documentation bug, as we need to discuss with higher resources.

This is what you already wrote in this discussion. I left it to the TAC to correct this in the documentation.

Thank you / regards

You're welcome, and thanks for opening a TAC case. But I would not leave it to TAC; most likely they will close it. I would tell them this is causing confusion and have them update the release notes to either include a brief intro or completely remove it. For release notes, generally doc bugs are not created, but they can work with the documentation team to update it.