Cisco Email Security Appliance X1070 Troubleshooting Guide

Contents
Introduction
Determine If Files Are Uploaded for Analysis
Configure AMP for File Analysis
Review AMP Logs for File Analysis
Explanation of Upload Action "0" Versus Upload Action "2"
Example Scenarios
File Uploaded for Analysis
File Not Uploaded for Analysis Because File Is Already Known
Log headers
Related Information
Introduction
This document describes how to determine whether files that are processed through Advanced
Malware Protection (AMP) on the Cisco Email Security Appliance (ESA) are sent for file analysis,
and also what the associated log files provide.
Determine If Files Are Uploaded for Analysis
When File Analysis is enabled, files might be automatically sent through AMP to the Cloud for
further analysis. This provides the highest level of protection against zero-day and targeted
threats. File Analysis is only available when File Reputation Filtering is enabled.
Use the File Types options in order to limit the types of files that might be sent to the Cloud. The
specific files that are sent are always based on requests from the File Analysis services Cloud,
which targets those files for which additional analysis is needed. File analysis for particular file
types might be disabled temporarily when the File Analysis services Cloud reaches capacity.
Note: Refer to the 
Note:  Review the 
 and 
 for the specific revision of AsyncOS that
runs on your appliance, as the File Analysis file types will vary based on release.
File types that can be sent for file analysis:
- Adobe Portable Document Format (PDF), Microsoft Office 2007+ (Open XML), Microsoft Office 97-2004 (OLE), Microsoft Windows / DOS Executable, Other potentially malicious file types.
- File types that you have selected for upload on the Anti-Malware and Reputation settings page (for web security) or the File Reputation and Analysis settings page (for email security). Initial support includes PDF and Microsoft Office files.