Cisco Cisco Email Security Appliance C650 Guía Del Usuario
27-6
Cisco AsyncOS 8.5.5 for Email Security User Guide
Chapter 27 Using Email Security Monitor
Email Security Monitor Pages
Work Queue: The number of messages awaiting processing in the work queue.
Click the System Status Details link to navigate to the System Status page.
System Quarantines
This section displays information about the top three quarantines by disk usage on the appliance,
including the name of the quarantine, how full the quarantine is (disk space), and the number of
messages currently in the quarantine.
including the name of the quarantine, how full the quarantine is (disk space), and the number of
messages currently in the quarantine.
Click the Local Quarantines link to navigate to the Local Quarantines page.
Virus Threat Level
This section shows the Outbreak status as reported by the Threat Operations Center (TOC). Also shown
is the status of the Outbreak quarantine, including how full it is (disk space) and the number of messages
in the quarantine. The Outbreak quarantine is only displayed if you have enabled the Outbreak Filters
feature on your appliance.
is the status of the Outbreak quarantine, including how full it is (disk space) and the number of messages
in the quarantine. The Outbreak quarantine is only displayed if you have enabled the Outbreak Filters
feature on your appliance.
Note
In order for the Threat Level indicator to function, you need to have port 80 open on your firewall to
“downloads.ironport.com.” Alternatively, if you have specified a local update server, the Threat Level
indicator will attempt to use that address. The Threat Level indicator will also update correctly if you
have configured a proxy for downloads via the Service Updates page. For more information, see
“downloads.ironport.com.” Alternatively, if you have specified a local update server, the Threat Level
indicator will attempt to use that address. The Threat Level indicator will also update correctly if you
have configured a proxy for downloads via the Service Updates page. For more information, see
.
Click the Outbreak Details link to view the external Threat Operations Center web site. Note that in order
for this link to work, your appliance must be able to access the Internet. Note that the Separate Window
icon (
for this link to work, your appliance must be able to access the Internet. Note that the Separate Window
icon (
) indicates that a link will open in a separate window when clicked. You may need to configure
your browser’s pop-up blocker settings to allow these windows.
Incoming and Outgoing Summary and Graph
The Incoming and Outgoing summary sections provide access to real-time activity of all mail activity
on your system and is comprised of the Incoming and Outgoing Mail Graphs and Mail Summaries. You
can select the time frame on which to report via the Time Range menu. The time range you select is used
throughout all of the Email Security Monitor pages. The explanations of each type or category of
message are below (see
on your system and is comprised of the Incoming and Outgoing Mail Graphs and Mail Summaries. You
can select the time frame on which to report via the Time Range menu. The time range you select is used
throughout all of the Email Security Monitor pages. The explanations of each type or category of
message are below (see
While the mail trend graph displays a visual representation of the mail flow, the summary table provides
a numeric breakdown of the same information. The summary table includes the percentage and actual
number of each type of message, including the total number of attempted, threat, and clean messages.
a numeric breakdown of the same information. The summary table includes the percentage and actual
number of each type of message, including the total number of attempted, threat, and clean messages.
The outgoing graph and summary show similar information for outbound mail.
Notes on Counting Messages in Email Security Monitor
The method Email Security Monitor uses to count incoming mail depends on the number of recipients
per message. For example, an incoming message from example.com sent to three recipients would count
as three messages coming from that sender.
per message. For example, an incoming message from example.com sent to three recipients would count
as three messages coming from that sender.
Because messages blocked by sender reputation filtering do not actually enter the work queue, the
appliance does not have access to the list of recipients for an incoming message. In this case, a multiplier
is used to estimate the number of recipients. This multiplier was determined by Cisco and based upon
research of a large sampling of existing customer data.
appliance does not have access to the list of recipients for an incoming message. In this case, a multiplier
is used to estimate the number of recipients. This multiplier was determined by Cisco and based upon
research of a large sampling of existing customer data.