Cisco Cisco Email Security Appliance C680 User Guide

Click Group Now. 

Select Security Services > File Reputation and Analysis. 

In the Appliance Grouping for File Analysis Cloud Reporting section, click  View Appliances . 

To view the File Analysis Client ID of a particular appliance, look in the following location: 

Select Mail Policies > Incoming Mail Policies.

Click the link in the Advanced Malware Protection column of the mail policy to modify. 

Choose options.

If you do not have an on-premises Cisco AMP Threat Grid Appliance and you do not want to send 
files to the cloud, for example for confidentiality reasons, uncheck Enable File Analysis.

Select the actions that AsyncOS must perform if an attachment is considered Unscannable. 
Attachments are considered Unscannable when the appliance is unable to obtain information from 
the file reputation service for any reason, for example because the connection timed out. 

Select the following:

Whether to deliver or drop the message.

Whether to archive the original message. Archived messages are stored as an mbox-format log 
file in the 

amparchive

 directory on the appliance. The preconfigured AMP Archive 

(

amparchive

) log subscription is required.

Whether to warn the end user by modifying the message subject, for example, [WARNING: 
ATTACHMENT(S) MAY CONTAIN MALWARE].

Whether to add a custom header to provide granular controls to the administrator.

Select the actions that AsyncOS must perform if an attachment is considered Malicious. Select the 
following:

Whether to deliver or drop the message.

Email Security 
appliance

Advanced Settings for File Analysis section 
on the Security Services > File Reputation and Analysis page. 

Web Security 
appliance 

Advanced Settings for File Analysis section 
on the Security Services > Anti-Malware and Reputation page.

Security Management 
appliance

At the bottom of the Management Appliance > Centralized Services > 
Security Appliances page.