Cisco Cisco Email Security Appliance X1050 Fehlerbehebungsanleitung

Contributed by Jackie Fleming, Cisco TAC Engineer.
Jul 11, 2014

This document describes why the Sophos Anti−Virus updates on the Cisco security appliance are different
than those available on the Sophos web site.

Cisco recommends that you have knowledge of these topics:

Cisco Email Security Appliance (ESA)

• 

All versions of AsyncOS

• 

There are two types of updates: updates to the Sophos Anti−Virus engine and updates to the Sophos virus
identity files (Integrated Development Environment (IDE) files).

The Sophos Anti−virus engine is fully integrated into the AsyncOS operating system. Sophos generates a new
version of their anti−virus scanning engine approximately every month. The new version contains both
current virus definitions and any code changes that are required to recognize new types of viruses and to fix
known issues. As additional viruses are discovered, Sophos releases virus identity files, called IDE files.
These will work with engines that are less than 90 days old.

Sophos updates are managed automatically by Cisco AsyncOS in the C−Series appliance. As Sophos releases
new versions of their engine, Cisco qualifies them through a quality assurance (QA) process, and then places
them on the Cisco update servers so that your C−Series appliance will automatically download and update
them. As IDE virus definition files are released, these move automatically through the service and are placed
on the Cisco update servers within a few minutes of their release by Sophos.

Sophos IDE virus signatures are valid and operate with the previous engine versions. All current IDEs will be
loaded and will work with the engine version running in the Cisco C−Series appliance.