Cisco Cisco Email Security Appliance X1070 Troubleshooting Guide
ESA Advanced Malware Protection (AMP) Test
Document ID: 118511
Contributed by Robert Sherwin, Cisco TAC Engineer.
Nov 14, 2014
Nov 14, 2014
Contents
Introduction
Test AMP on the ESA
Feature Keys
Security Services
Incoming Mail Policies
Test
Advanced Message Tracking for AMP+ Messages
Advanced Malware Protection Reports
Troubleshoot
Related Information
Test AMP on the ESA
Feature Keys
Security Services
Incoming Mail Policies
Test
Advanced Message Tracking for AMP+ Messages
Advanced Malware Protection Reports
Troubleshoot
Related Information
Introduction
This document describes how to test and verify the Advanced Malware Protection (AMP) features of the
Cisco Email Security Appliance (ESA).
Cisco Email Security Appliance (ESA).
Test AMP on the ESA
With the release of AsyncOS 8.5 for the ESA, AMP performs file reputation scans and file analysis in order to
detect malware in attachments.
detect malware in attachments.
Feature Keys
In order to implement AMP, you must have a valid and active feature key for both File Reputation and File
Analysis on your ESA. Visit System Administration> Feature Keys on the GUI, or use featurekeys on the
CLI, in order to verify the feature keys.
Analysis on your ESA. Visit System Administration> Feature Keys on the GUI, or use featurekeys on the
CLI, in order to verify the feature keys.
Security Services
In order to enable the service from the GUI, navigate to Security Services > File Reputation and Analysis.
From the CLI, you can run ampconfig. Submit and commit your changes to the configuration.
From the CLI, you can run ampconfig. Submit and commit your changes to the configuration.
Incoming Mail Policies
Once you have enabled the service, you must have this service tied to an incoming mail policy.
Navigate to Mail Policies > Incoming Mail Policies.
1.
Select your Default Policy or preconfigured policy as needed. The Advanced Malware Protection
column on the Incoming Mail Polices page displays.
column on the Incoming Mail Polices page displays.
2.