Cisco Systems is pleased to announce a major upgrade of the Cisco Registered Envelope Service (CRES) scheduled for Saturday, November 5th, 2011 from 18:00 – 00:00 PST (Sunday, November 6th 02:00:00 – 08:00:00 UTC).
During the maintenance window it will not be possible to open PXE encrypted messages. CRES admins will not be able to log into the administration interface and senders of PXE encrypted messages may receive bounce messages. All services will be restored once the upgrade is concluded. Any bounced messages can be resent at that time.
This upgrade contains a variety of features and fixes:
SAML is an XML-based standard primarily used for Single Sign-On (SSO), a simpler way for end-users to authenticate with multiple web services such as CRES. Currently only SAML 2.0 is supported.
Single Sign-On means users log in once to authenticate (with an Identity Provider) and thereafter use a range of services from Service Providers without having to log in again. The protocol also supports Single Log-Out
This simplifies the user experience, and improves security because the user no longer has to remember login details for multiple services. CRES support for SAML works for new and existing CRES envelopes. SAML authentication must be enabled individually for each corporate account. After this is done, all users in that account must authenticate with SAML. Any users not owned by the account will continue to use CRES authentication.
Email Address Book
An address book has been added to CRES 4.0 user accounts to allow you to store and easily access frequently-used addresses. Now, when you compose an email, you can select from the addresses stored in your address book.
Partial list of resolved issues
Fixed: Cannot Open Certain Envelopes on IE7
Fixed: Envelope Opener does not clean up Sessions if Interrupted by Application Restart
Fixed: The CRES Server does not Have the Class 3 Valicert Certificate Installed
Fixed: Security Problem When Changing WebSafe password using Forgot Password Link
Fixed: Remembering Passwords in Certain Environments Sometimes Fails
Fixed: Reassigning User Does Not Work in the Administrator GUI
Fixed: Changes to Customizable Buttons Sometimes Fail
Fixed: UTF-8 characters in Email Address not Preserved During Secure Forward or Secure Reply
Thank you for choosing Cisco IronPort Security Products.
UPDATE: Some issues were encountered during the deployment phase of CRES 4.0. These issues required us to perform a rollback to the previous version. Currently this upgrade is scheduled to take place Saturday November 12th.