Cisco Cisco Email Security Appliance C680 User Guide
10-12
Cisco IronPort AsyncOS 7.6 for Email Configuration Guide
OL-25136-01
Chapter 10 Outbreak Filters
The Outbreak Filter Rules section lists the time, date, and version of the latest update for various
components (the rules engine as well as the rules themselves), as well as a listing of the current Outbreak
Filter rules with threat level.
components (the rules engine as well as the rules themselves), as well as a listing of the current Outbreak
Filter rules with threat level.
For more information about Outbreak Rules, see
.
Configuring Outbreak Filters Global Settings
To configure the Global Settings for Outbreak Filters, click Edit Global Settings The Outbreak Filters
Global Settings page is displayed:
Global Settings page is displayed:
Figure 10-3
Outbreak Filters Global Settings Page
Use this page to:
•
Enable Outbreak Filters globally.
•
Enable Adaptive Rules scanning.
•
Set a maximum size for files to scan (note that you are entering the size in bytes)
•
Elect whether to enable alerts for the Outbreak Filter.
Note that alerts and Adaptive Rules are not enabled by default. This functionality is also available via
the
the
outbreakconfig
CLI command (see the Cisco IronPort AsyncOS CLI Reference Guide). After you
make your changes, submit and commit them.
Enabling the Outbreak Filters Feature
To enable the Outbreak Filters feature globally, check the box next to Enable Outbreak Filters on the
Outbreak Filters Global Settings page, and click Submit. You must have agreed to the Outbreak Filters
license agreement first.
Outbreak Filters Global Settings page, and click Submit. You must have agreed to the Outbreak Filters
license agreement first.
Once enabled globally, the Outbreak Filters feature can then be enabled or disabled individually for each
incoming and outgoing mail policy, including the default policies. For more information, see
incoming and outgoing mail policy, including the default policies. For more information, see
The Outbreak Filters feature uses the Context Adaptive Scanning Engine (CASE) to detect viral threats,
regardless of whether anti-spam scanning is enabled, but you do need to have Cisco IronPort Anti-Spam
or Intelligent Multi-Scan enabled globally on the aplliance in order to scan for non-viral threats.
regardless of whether anti-spam scanning is enabled, but you do need to have Cisco IronPort Anti-Spam
or Intelligent Multi-Scan enabled globally on the aplliance in order to scan for non-viral threats.
Note
If you have not already agreed to the license during system setup (see
must click Enable on the Security Services > Outbreak Filters page, and then read and agree to the
license.
license.