Cisco Cisco Email Security Appliance X1070 User Guide
C H A P T E R
2-1
Cisco IronPort AsyncOS 7.6 for Email Daily Management Guide
OL-25138-01
2
Using Email Security Monitor
The Email Security Monitor feature on the Cisco IronPort appliance is a powerful, web-based console
that provides complete visibility into all inbound email traffic for your enterprise.
that provides complete visibility into all inbound email traffic for your enterprise.
The Email Security Monitor feature integrates tightly into the system, collecting data from every step in
the email delivery process, including reputation filtering, anti-spam, anti-virus scanning, Outbreak
Filters, policy enforcement (including content filters and data loss prevention), and message delivery.
The database identifies and records each email sender by IP address, while interfacing with the
SenderBase Reputation Service for real-time identity information. You can instantly report on any email
sender’s local mail flow history and show a profile that includes the sender’s global record on the
Internet. The Email Security Monitor feature allows your security team to “close the loop” on who is
sending mail to your users, the amount of mail sent from and received by your users, and the
effectiveness of your security policies.
the email delivery process, including reputation filtering, anti-spam, anti-virus scanning, Outbreak
Filters, policy enforcement (including content filters and data loss prevention), and message delivery.
The database identifies and records each email sender by IP address, while interfacing with the
SenderBase Reputation Service for real-time identity information. You can instantly report on any email
sender’s local mail flow history and show a profile that includes the sender’s global record on the
Internet. The Email Security Monitor feature allows your security team to “close the loop” on who is
sending mail to your users, the amount of mail sent from and received by your users, and the
effectiveness of your security policies.
This chapter explains how to:
•
Access the Email Security Monitor feature to monitor inbound and outbound message flow.
•
Make mail flow policy decisions (update whitelists, blacklists, and greylists) by querying for a
sender’s SenderBase Reputation Score (SBRS). You can query on network owners, domains, and
even individual IP addresses.
sender’s SenderBase Reputation Score (SBRS). You can query on network owners, domains, and
even individual IP addresses.
•
Report on mail flow, system status, and mail sent to and from your network.
This chapter contains the following sections:
•
•
•
•
Email Security Monitor Overview
For any given email sender for incoming mail, the Email Security Monitor database captures critical
parameters such as:
parameters such as:
•
Message volume
•
Connection history
•
Accepted vs. rejected connections
•
Acceptance rates and throttle limits