Cisco Cisco Email Security Appliance C170 Guía Del Usuario
17-5
Cisco AsyncOS 9.5 for Email User Guide
Chapter 17 File Reputation Filtering and File Analysis
Configuring File Reputation and Analysis Features
•
•
•
Requirements for Communication with File Reputation and Analysis Services
•
All Email Security appliances that use these services must be able to connect to them directly over
the internet (excluding File Analysis services configured to use an on-premises Cisco AMP Threat
Grid Appliance.)
the internet (excluding File Analysis services configured to use an on-premises Cisco AMP Threat
Grid Appliance.)
•
By default, communication with file reputation and cloud-based analysis services is routed through
the interface that is associated with the default gateway. To route this traffic through a different
interface, create a static route for each address in the Advanced section of the Security Services >
File Reputation and Analysis page.
the interface that is associated with the default gateway. To route this traffic through a different
interface, create a static route for each address in the Advanced section of the Security Services >
File Reputation and Analysis page.
•
For information about required open firewall ports, see
Related Topics
•
Configuring an On-Premises File Analysis Server
If you will use a Cisco AMP Threat Grid Appliance as a private-cloud file analysis server:
•
Obtain the Cisco AMP Threat Grid Appliance Setup and Configuration Guide and the Cisco AMP
Threat Grid Appliance Administration Guide. Cisco AMP Threat Grid Appliance documentation is
available from
Threat Grid Appliance Administration Guide. Cisco AMP Threat Grid Appliance documentation is
available from
.
Use this documentation to perform the tasks described in this topic.
Additional documentation is available from the Help link in the AMP Threat Grid appliance.
•
Set up and configure the Cisco AMP Threat Grid Appliance.
•
If necessary, update your Cisco AMP Threat Grid Appliance software to version 1.2.1, which
supports integration with Cisco Email Security appliances .
supports integration with Cisco Email Security appliances .
See the AMP Thread Grid documentation for instructions for determining the version number and
for performing the upgrade.
for performing the upgrade.
•
Ensure that your appliances can communicate with each other over your network. Cisco Email
Security appliances must be able to connect to the CLEAN interface of the AMP Threat Grid
appliance.
Security appliances must be able to connect to the CLEAN interface of the AMP Threat Grid
appliance.
•
If you will deploy self-signed certificates: Generate a self-signed SSL certificate from the AMP
Threat Grid appliance to be used on your Email Security appliance. See instructions for
downloading SSL certificates and keys in the administrator’s guide for your AMP Threat Grid
appliance.
Threat Grid appliance to be used on your Email Security appliance. See instructions for
downloading SSL certificates and keys in the administrator’s guide for your AMP Threat Grid
appliance.