Cisco Cisco Email Security Appliance C650 Guía Del Usuario
28-23
Cisco AsyncOS 9.5 for Email User Guide
Chapter 28 Using Email Security Monitor
Email Security Monitor Pages
Note that, if the verdict of a URL (clean or malicious) was unknown at the time when the end
user clicked it, the status is shown as unknown. This could be because the URL was under
further scrutiny or the web server was down or not reachable at the time of the user click.
user clicked it, the status is shown as unknown. This could be because the URL was under
further scrutiny or the web server was down or not reachable at the time of the user click.
–
The number of times end users clicked on a rewritten URL. Click on a number to view a list of
all the messages that contain the clicked URL.
all the messages that contain the clicked URL.
File Reputation and File Analysis Reports
For the following reports, see
:
•
Advanced Malware Protection
•
File Analysis
•
AMP Verdict Updates
TLS Connections Page
The TLS Connections pages shows the overall usage of TLS connections for sent and received mail. The
report also shows details for each domain sending mail using TLS connections.
report also shows details for each domain sending mail using TLS connections.
The TLS Connections page can be used to determine the following information:
•
Overall, what portion of incoming and outgoing connections use TLS?
•
What partners do I have successful TLS connections with?
•
What partners do I have unsuccessful TLS connections with?
•
What partners have issue with their TLS certificates?
•
What percent of overall mail with a partner uses TLS?
The TLS Connections page is divided into a section for incoming connections and a section for outgoing
connections. Each section includes a graph, summaries, and a table with details.
connections. Each section includes a graph, summaries, and a table with details.
The graph displays a view of incoming or outgoing TLS-encrypted and non-encrypted connections over
the time range you specify. The graph displays the total volume of messages, the volume of encrypted
and unencrypted messages, and the volume of successful and failed TLS encrypted messages. The
graphs distinguish between connections in which TLS was required and connections in which TLS was
merely preferred.
the time range you specify. The graph displays the total volume of messages, the volume of encrypted
and unencrypted messages, and the volume of successful and failed TLS encrypted messages. The
graphs distinguish between connections in which TLS was required and connections in which TLS was
merely preferred.
The table displays details for domains sending or receiving encrypted messages. For each domain, you
can view the number of required and preferred TLS connections that were successful and that failed, the
total number of TLS connections attempted (whether successful or failed), and the total number of
unencrypted connections. You can also view the percentage of all connections in which TLS was
attempted, and the total number of encrypted messages sent successfully, regardless of whether TLS was
preferred or required. You can show or hide columns by clicking the Columns link at the bottom of this
table.
can view the number of required and preferred TLS connections that were successful and that failed, the
total number of TLS connections attempted (whether successful or failed), and the total number of
unencrypted connections. You can also view the percentage of all connections in which TLS was
attempted, and the total number of encrypted messages sent successfully, regardless of whether TLS was
preferred or required. You can show or hide columns by clicking the Columns link at the bottom of this
table.
Inbound SMTP Authentication Page
The Inbound SMTP Authentication page shows the use of client certificates and the SMTP AUTH
command to authenticate SMTP sessions between the Email Security appliance and users’ mail clients.
If the appliance accepts the certificate or SMTP AUTH command, it will establish a TLS connection to
command to authenticate SMTP sessions between the Email Security appliance and users’ mail clients.
If the appliance accepts the certificate or SMTP AUTH command, it will establish a TLS connection to