Cisco Cisco Email Security Appliance C650 Guía Del Usuario
15-15
Cisco AsyncOS 9.5 for Email User Guide
Chapter 15 Outbreak Filters
Managing Outbreak Filters
Outbreak Filters Rules
Outbreak Rules are published by the Cisco Security Intelligence Operations and your appliance checks
for and downloads new outbreak rules every 5 minutes. You can change this update interval. See
for and downloads new outbreak rules every 5 minutes. You can change this update interval. See
Related Topics
•
Managing Outbreak Filter Rules
Because the Outbreak Filters Rules are automatically downloaded for you, there really is no management
needed on the part of the user.
needed on the part of the user.
However, if for some reason your appliance is not able to reach Cisco’s update servers for new rules over
a period of time, it is possible that your locally-cached scores are no longer valid, i.e., if a known viral
attachment type now has an update in the anti-virus software and/or is no longer a threat. At this time,
you may wish to no longer quarantine messages with these characteristics.
a period of time, it is possible that your locally-cached scores are no longer valid, i.e., if a known viral
attachment type now has an update in the anti-virus software and/or is no longer a threat. At this time,
you may wish to no longer quarantine messages with these characteristics.
You can manually download updated outbreak rules from Cisco’s update servers by clicking Update
Rules Now.
Rules Now.
Note
The Update Rules Now button does not “flush” all existing outbreak rules on the appliance. It only
replaces outbreak rules that have been updated. If there are no updates available on Cisco’s update
servers, then the appliance will not download any outbreak rules when you click this button.
replaces outbreak rules that have been updated. If there are no updates available on Cisco’s update
servers, then the appliance will not download any outbreak rules when you click this button.
Related Topics
•
Updating Outbreak Filter Rules
By default, your appliance will attempt to download new Outbreak Filters rules every 5 minutes. You
can change this interval via the Security Services > Service Updates page. For more information, see
can change this interval via the Security Services > Service Updates page. For more information, see
.
The Outbreak Filters Feature and Mail Policies
The Outbreak Filters feature has settings that can be set per mail policy. The Outbreak Filters feature can
be enabled or disabled for each mail policy on the appliance. Specific file extensions and domains can
be exempted from processing by the Outbreak Filters feature, per mail policy. This functionality is also
available via the
be enabled or disabled for each mail policy on the appliance. Specific file extensions and domains can
be exempted from processing by the Outbreak Filters feature, per mail policy. This functionality is also
available via the
policyconfig
CLI command (see the Cisco AsyncOS CLI Reference Guide).
Note
Anti-Spam or Intelligent Multi-Scan scanning needs to be enabled globally on an appliance in order for
the Outbreak Filters feature to scan for non-viral threats.
the Outbreak Filters feature to scan for non-viral threats.