Cisco Cisco Email Security Appliance X1050 Troubleshooting Guide

Contributed by Jackie Fleming and Stephan Bayer, Cisco TAC
Engineers.
Aug 05, 2014

This document describes that given a specific vulnerability, how can I determine if my ESA is protecting
against it?

To see what viruses are being blocked by Sophos, query for a list of IDE files loaded on the system with the
CLI command antivirusstatus detail. In many cases, each IDE file contains protection from more than one
viruses.

esa.example.com> antivirusstatus detail

Sophos Anti−Virus:

   Product − 5.01

   Engine − 3.51.0

   Product Date − 14 May 2014

Sophos IDEs currently on the system:

   'Docdl−P.Ide'          Virus Sig. − 05 Aug 2014 08:53:35

   'Age−Aiea.Ide'         Virus Sig. − 05 Aug 2014 07:05:14

   'Zbot−Isp.Ide'         Virus Sig. − 05 Aug 2014 03:34:12

   'Msil−Zy.Ide'          Virus Sig. − 05 Aug 2014 01:08:36

   'Ramdo−Ad.Ide'         Virus Sig. − 04 Aug 2014 21:44:19

   'Emotet−N.Ide'         Virus Sig. − 04 Aug 2014 17:18:50

   'Upatr−Dt.Ide'         Virus Sig. − 04 Aug 2014 14:10:14

   'Auto−Amt.Ide'         Virus Sig. − 04 Aug 2014 12:04:07

   'Msil−Zo.Ide'          Virus Sig. − 04 Aug 2014 07:39:09

   'Inje−Bae.Ide'         Virus Sig. − 04 Aug 2014 04:59:54

   'Inje−Azy.Ide'         Virus Sig. − 03 Aug 2014 23:38:27

   'Age−Aife.Ide'         Virus Sig. − 03 Aug 2014 18:45:36

   'Dwnl−Ltw.Ide'         Virus Sig. − 03 Aug 2014 11:40:44

   'Msil−Zm.Ide'          Virus Sig. − 03 Aug 2014 07:33:07

   'Wonto−Fo.Ide'         Virus Sig. − 03 Aug 2014 04:32:31

   'Auto−Ams.Ide'         Virus Sig. − 03 Aug 2014 02:29:05

   'Wonto−Fm.Ide'         Virus Sig. − 03 Aug 2014 00:09:52