Cisco Cisco Content Security Management Appliance M1070 Betriebsanweisung
8-15
AsyncOS 8.1 for Cisco Content Security Management User Guide
Chapter 8 Centralized Policy, Virus, and Outbreak Quarantines
Managing Policy, Virus, and Outbreak Quarantines
The system individually logs messages after they are removed from all quarantines and either
permanently deleted or scheduled for delivery, for example
permanently deleted or scheduled for delivery, for example
Info: MID 483 released from all quarantines
Info: MID 484 deleted from all quarantines
When a message is re-injected, the system creates a new Message object with a new Message ID (MID).
This is logged using an existing log message with a new MID “byline”, for example:
This is logged using an existing log message with a new MID “byline”, for example:
Info: MID 483 rewritten to 513 by Policy Quarantine
About Distributing Message Processing Tasks to Other Users
You can distribute message review and processing tasks to other administrative users. For example:
•
The Human Resources team can review and manage the Policy Quarantine.
•
The Legal team can manage the Confidential Material Quarantine.
You assign access privileges to these users when you specify settings for a quarantine. In order to add
users to quarantines, the users must already exist.
users to quarantines, the users must already exist.
Each user may have access to all, some, or none of the quarantines. A user who is not authorized to view
a quarantine will not see any indication of its existence anywhere in the GUI or CLI listings of
quarantines.
a quarantine will not see any indication of its existence anywhere in the GUI or CLI listings of
quarantines.
Related Topics
•
•
Which User Groups Can Access Quarantines
When you allow users to access a quarantine, the actions that they can perform depend on their user
group:
group:
•
Users in the Administrators or Email Administrators groups can create, configure, delete, and
centralize quarantines and can manage quarantined messages.
centralize quarantines and can manage quarantined messages.
•
Users in the Operators, Guests, Read-Only Operators, and Help Desk Users groups, as well as
custom user roles with quarantine management privileges, can search for, view, and process
messages in a quarantine, but cannot change the quarantine’s settings, create, delete, or centralize
quarantines. You specify in each quarantine which of these users have access to that quarantine.
custom user roles with quarantine management privileges, can search for, view, and process
messages in a quarantine, but cannot change the quarantine’s settings, create, delete, or centralize
quarantines. You specify in each quarantine which of these users have access to that quarantine.
•
Users in the Technicians group cannot access quarantines.
Access privileges for related features, such as Message Tracking and Data Loss Prevention, also affect
the options and information that a user sees on Quarantine pages. For example, if a user does not have
access to Message Tracking, that user will not see message tracking information for quarantined
messages.
the options and information that a user sees on Quarantine pages. For example, if a user does not have
access to Message Tracking, that user will not see message tracking information for quarantined
messages.
Note
To allow custom user roles configured on the Security Management appliance to specify policy
quarantines in filters and DLP message actions, see
quarantines in filters and DLP message actions, see
.