Cisco Cisco Content Security Management Appliance M1070 User Guide
8-19
AsyncOS 8.3.5 for Cisco Content Security Management User Guide
Chapter 8 Centralized Policy, Virus, and Outbreak Quarantines
Working with Messages in Policy, Virus, or Outbreak Quarantines
About Moving Messages Between Policy Quarantines
You can manually move messages from one policy quarantine to another on a single appliance.
When you move a message to a different quarantine:
•
The expiration time is unchanged. The message keeps the retention time of the original quarantine.
•
The reason the message was quarantined, including the matched content and other relevant details,
does not change.
does not change.
•
If a message is in multiple quarantines and you move the message to a destination that already holds
a copy of that message, the expiration time and reason for quarantine of the moved copy of the
message overwrite those of the copy of the message that was originally in the destination quarantine.
a copy of that message, the expiration time and reason for quarantine of the moved copy of the
message overwrite those of the copy of the message that was originally in the destination quarantine.
Messages in Multiple Quarantines
If a message is present in one or more other quarantines, the “In other quarantines” column in the
quarantine message list will show “Yes,” regardless of whether you have permissions to access those
other quarantines.
quarantine message list will show “Yes,” regardless of whether you have permissions to access those
other quarantines.
A message in multiple quarantines:
•
Is not delivered unless it has been released from all of the quarantines in which it resides. If it is
deleted from any quarantine, it will never be delivered.
deleted from any quarantine, it will never be delivered.
•
Is not deleted from any quarantine until it has been deleted or released from all quarantines in which
it resides.
it resides.
Because a user wanting to release a message may not have access to all of the quarantines in which it
resides, the following rules apply:
resides, the following rules apply:
•
A message is not released from any quarantine until it has been released from all of the quarantines
in which it resides.
in which it resides.
•
If a message is marked as Deleted in any quarantine, it cannot be delivered from any other quarantine
in which it resides. (It can still be released.)
in which it resides. (It can still be released.)
If a message is queued in multiple quarantines and a user does not have access to one or more of the
other quarantines:
other quarantines:
•
The user will be informed whether the message is present in each of the quarantines to which the
user has access.
user has access.
•
The GUI shows only the scheduled exit time from the quarantines to which the user has access. (For
a given message, there is a separate exit time for each quarantine.)
a given message, there is a separate exit time for each quarantine.)
•
The user will not be told the names of the other quarantine(s) holding the message.
•
The user will not see matched content that caused the message to be placed into quarantines that the
user does not have access to.
user does not have access to.
•
Releasing a message affects only the queues to which the user has access.
•
If the message is also queued in other quarantines not accessible to the user, the message will remain
in quarantine, unchanged, until acted upon by users who have the required access to the remaining
quarantines (or until the message is released “normally” via early or normal expiration).
in quarantine, unchanged, until acted upon by users who have the required access to the remaining
quarantines (or until the message is released “normally” via early or normal expiration).