Cisco Cisco Email Security Appliance C650 Guía Del Usuario
26-21
Cisco AsyncOS 8.0.2 for Email User Guide
Chapter 26 Using Email Security Monitor
Email Security Monitor Pages
Figure 26-11
Internal User Details Page
Click on a content filter name to view detailed information for that filter in the corresponding content
filter information page (see
filter information page (see
). You can use this method to get a list
of users who also sent or received mail that matched that particular content filter.
Searching for a Specific Internal User
You can search for a specific internal user (email address) via the search form at the bottom of the
Internal Users page and the Internal User detail page. Choose whether to exactly match the search text
or look for items starting with the entered text (for instance, starts with “ex” will match “example.com”).
Internal Users page and the Internal User detail page. Choose whether to exactly match the search text
or look for items starting with the entered text (for instance, starts with “ex” will match “example.com”).
The DLP Incidents Page
The DLP Incidents page shows information on the incidents of data loss prevention (DLP) policy
violations occurring in outgoing mail. The appliance uses the DLP email policies enabled in the
Outgoing Mail Policies table to detect sensitive data sent by your users. Every occurrence of an outgoing
message violating a DLP policy is reported as an incident.
violations occurring in outgoing mail. The appliance uses the DLP email policies enabled in the
Outgoing Mail Policies table to detect sensitive data sent by your users. Every occurrence of an outgoing
message violating a DLP policy is reported as an incident.
Using the DLP Incidents report, you can answer these kinds of questions:
•
What type of sensitive data is being sent by your users?
•
How severe are these DLP incidents?
•
How many of these messages are being delivered?
•
How many of these messages are being dropped?
•
Who is sending these messages?
The DLP Incidents page is comprised of two main sections:
•
the DLP incident trend graphs summarizing the top DLP incidents by severity (Low, Medium, High,
Critical) and policy matches, and
Critical) and policy matches, and