Cisco Cisco Email Security Appliance X1070 User Guide
17-5
AsyncOS 9.0 for Cisco Web Security Appliances User Guide
Chapter 17 File Reputation Filtering and File Analysis
Configuring File Reputation and Analysis Features
•
•
•
•
Requirements for Communication with File Reputation and Analysis Services
•
All Email Security appliances that use these services must be able to connect to them directly over
the internet (excluding File Analysis services configured to use an on-premises Cisco AMP Threat
Grid Appliance.)
the internet (excluding File Analysis services configured to use an on-premises Cisco AMP Threat
Grid Appliance.)
•
By default, communication with file reputation and cloud-based analysis services is routed through
the interface that is associated with the default gateway. To route this traffic through a different
interface, create a static route for each address in the Advanced section of the Security Services >
File Reputation and Analysis page.
the interface that is associated with the default gateway. To route this traffic through a different
interface, create a static route for each address in the Advanced section of the Security Services >
File Reputation and Analysis page.
•
For information about required open firewall ports, see
Appendix D, “Firewall Information.”
Related Topics
•
Configuring TCP/IP Traffic Routes, page 33-54
Configuring an On-Premises File Analysis Server
If you will use a Cisco AMP Threat Grid Appliance as a private-cloud file analysis server:
•
Obtain the Cisco AMP Threat Grid Appliance Setup and Configuration Guide and the Cisco AMP
Threat Grid Appliance Administration Guide. Cisco AMP Threat Grid Appliance documentation is
available from
Threat Grid Appliance Administration Guide. Cisco AMP Threat Grid Appliance documentation is
available from
.
Use this documentation to perform the tasks described in this topic.
Additional documentation is available from the Help link in the AMP Threat Grid appliance.
In the Administration Guide, search for information about all of the following: integrations with
other Cisco appliances, CSA, Cisco Sandbox API, ESA, and Email Security Appliances, .
other Cisco appliances, CSA, Cisco Sandbox API, ESA, and Email Security Appliances, .
•
Set up and configure the Cisco AMP Threat Grid Appliance.
•
If necessary, update your Cisco AMP Threat Grid Appliance software to version 1.2.1, which
supports integration with Cisco Email Security appliances .
supports integration with Cisco Email Security appliances .
See the AMP Thread Grid documentation for instructions for determining the version number and
for performing the update.
for performing the update.
•
Ensure that your appliances can communicate with each other over your network. Cisco Email
Security appliances must be able to connect to the CLEAN interface of the AMP Threat Grid
appliance.
Security appliances must be able to connect to the CLEAN interface of the AMP Threat Grid
appliance.