Cisco Cisco Email Security Appliance C670 Betriebsanweisung
26-24
Cisco AsyncOS 8.0.1 for Email User Guide
Chapter 26 Using Email Security Monitor
Email Security Monitor Pages
•
Which content filter is being triggered the most by incoming or outgoing mail?
•
Who are the top users sending or receiving mail that is triggering a particular content filter?
You can click the name of the content filter in the listing to view more information about that filter on
the Content Filter detail page.
the Content Filter detail page.
Content Filter Details
The Content Filter detail page displays matches for that filter over time, as well as matches by internal
user.
user.
In the Matches by Internal User section, you can click the name of a user to view that internal user’s
(email address) Internal User details page (see
(email address) Internal User details page (see
).
Figure 26-16
Content Filters Page
The Outbreak Filters Page
The Outbreak Filters page shows the current status and configuration of Outbreak Filters on your
appliance as well as information about recent outbreaks and messages quarantined due to Outbreak
Filters. You can use this page to monitor your defense against targeted virus, scam, and phishing attacks.
appliance as well as information about recent outbreaks and messages quarantined due to Outbreak
Filters. You can use this page to monitor your defense against targeted virus, scam, and phishing attacks.
The Threats By Type section shows the different types of threat messages received by the appliance. The
Threat Summary section shows a breakdown of the messages by Virus, Phish, and Scam.
Threat Summary section shows a breakdown of the messages by Virus, Phish, and Scam.
The Past Year Outbreak Summary lists global as well as local outbreaks over the past year, allowing you
to compare local network trends to global trends. The listing of global outbreaks is a superset of all
outbreaks, both viral and non-viral, whereas local outbreaks are limited to virus outbreaks that have
affected your appliance. Local outbreak data does not include non-viral threats. Global outbreak data
represents all outbreaks detected by the Threat Operations Center which exceeded the currently
configured threshold for the outbreak quarantine. Local outbreak data represents all virus outbreaks
detected on this appliance which exceeded the currently configured threshold for the outbreak
quarantine. The Total Local Protection Time is always based on the difference between when each virus
to compare local network trends to global trends. The listing of global outbreaks is a superset of all
outbreaks, both viral and non-viral, whereas local outbreaks are limited to virus outbreaks that have
affected your appliance. Local outbreak data does not include non-viral threats. Global outbreak data
represents all outbreaks detected by the Threat Operations Center which exceeded the currently
configured threshold for the outbreak quarantine. Local outbreak data represents all virus outbreaks
detected on this appliance which exceeded the currently configured threshold for the outbreak
quarantine. The Total Local Protection Time is always based on the difference between when each virus