Cisco Cisco Email Security Appliance C650 Guía Del Usuario
C H A P T E R
28-1
Cisco AsyncOS 9.0 for Email User Guide
28
Using Email Security Monitor
•
•
•
•
•
Email Security Monitor Overview
The Email Security Monitor feature collects data from every step in the email delivery process. The
database identifies and records each email sender by IP address, while interfacing with the SenderBase
Reputation Service for real-time identity information. You can instantly report on any email sender’s
local mail flow history and show a profile that includes the sender’s global record on the Internet. The
Email Security Monitor feature allows your security team to “close the loop” on who is sending mail to
your users, the amount of mail sent from and received by your users, and the effectiveness of your
security policies.
database identifies and records each email sender by IP address, while interfacing with the SenderBase
Reputation Service for real-time identity information. You can instantly report on any email sender’s
local mail flow history and show a profile that includes the sender’s global record on the Internet. The
Email Security Monitor feature allows your security team to “close the loop” on who is sending mail to
your users, the amount of mail sent from and received by your users, and the effectiveness of your
security policies.
This chapter explains how to:
•
Access the Email Security Monitor feature to monitor inbound and outbound message flow.
•
Make mail flow policy decisions (update whitelists, blacklists, and greylists) by querying for a
sender’s SenderBase Reputation Score (SBRS). You can query on network owners, domains, and
even individual IP addresses.
sender’s SenderBase Reputation Score (SBRS). You can query on network owners, domains, and
even individual IP addresses.
•
Report on mail flow, system status, and mail sent to and from your network.
For any given email sender for incoming mail, the Email Security Monitor database captures critical
parameters such as:
parameters such as:
•
Message volume
•
Connection history
•
Accepted vs. rejected connections
•
Acceptance rates and throttle limits
•
Sender reputation filter matches
•
Number of anti-spam messages for suspected spam and positively identified spam
•
Number of virus-positive message detected by anti-virus scanning