Cisco Cisco Email Security Appliance X1070 User Guide
17-21
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 17 File Reputation Filtering and File Analysis
Troubleshooting File Reputation and Analysis
Several Alerts About Failure to Connect to File Reputation or File Analysis
Servers
Servers
Problem
You receive several alerts about failures to connect to the file reputation or analysis services in
the cloud. (A single alert may indicate only a transient issue.)
Solution
•
Ensure that you have met the requirements in
.
•
Check for network issues that may prevent the appliance from communicating with the cloud
services.
services.
•
Increase the Query Timeout value:
Select Security Services > File Reputation and Analysis. The Query Timeout value is in the
Advanced settings area.
Advanced settings area.
API Key Error (On-Premises File Analysis)
Problem
You receive an API key alert when attempting to view File Analysis report details, or the Email
Security appliance is unable to connect to the AMP Threat Grid server to upload files for analysis.
Solution
This error can occur if you change the hostname of the AMP Threat Grid server and you are
using a self-signed certificate from the AMP Threat Grid server, as well as possibly under other
circumstances. To resolve the issue:
circumstances. To resolve the issue:
•
Generate a new certificate from the AMP Threat Grid appliance that has the new hostname.
•
Upload the new certificate to the Email Security appliance.
•
Reset the API key on the AMP Threat Grid appliance. For instructions, see the online help on the
AMP Threat Grid appliance.
AMP Threat Grid appliance.
Related Topics
•
Files are Not Uploaded As Expected
Problem
Files are not evaluated or analyzed as expected. There is no alert or obvious error.
Problem
Consider the following:
•
The file may have been sent for analysis by another appliance and thus already be present on the File
Analysis server or in the cache of the appliance that is processing the file.
Analysis server or in the cache of the appliance that is processing the file.
Alerts about File Types That Can Be Sent for Analysis
Problem
You receive alerts of severity Info about file types that can be sent for file analysis.
Solution
This alert is sent when supported file types change, or when the appliance checks to see what
file types are supported. This can occur when: