Cisco Cisco Email Security Appliance C190 Guía Del Usuario
C H A P T E R
26-1
Cisco AsyncOS 8.0.1 for Email User Guide
26
Using Email Security Monitor
•
•
•
•
•
Email Security Monitor Overview
The Email Security Monitor feature collects data from every step in the email delivery process, including
reputation filtering, anti-spam, anti-virus scanning, Outbreak Filters, policy enforcement (including
content filters and data loss prevention), and message delivery. The database identifies and records each
email sender by IP address, while interfacing with the SenderBase Reputation Service for real-time
identity information. You can instantly report on any email sender’s local mail flow history and show a
profile that includes the sender’s global record on the Internet. The Email Security Monitor feature
allows your security team to “close the loop” on who is sending mail to your users, the amount of mail
sent from and received by your users, and the effectiveness of your security policies.
reputation filtering, anti-spam, anti-virus scanning, Outbreak Filters, policy enforcement (including
content filters and data loss prevention), and message delivery. The database identifies and records each
email sender by IP address, while interfacing with the SenderBase Reputation Service for real-time
identity information. You can instantly report on any email sender’s local mail flow history and show a
profile that includes the sender’s global record on the Internet. The Email Security Monitor feature
allows your security team to “close the loop” on who is sending mail to your users, the amount of mail
sent from and received by your users, and the effectiveness of your security policies.
This chapter explains how to:
•
Access the Email Security Monitor feature to monitor inbound and outbound message flow.
•
Make mail flow policy decisions (update whitelists, blacklists, and greylists) by querying for a
sender’s SenderBase Reputation Score (SBRS). You can query on network owners, domains, and
even individual IP addresses.
sender’s SenderBase Reputation Score (SBRS). You can query on network owners, domains, and
even individual IP addresses.
•
Report on mail flow, system status, and mail sent to and from your network.
For any given email sender for incoming mail, the Email Security Monitor database captures critical
parameters such as:
parameters such as:
•
Message volume
•
Connection history
•
Accepted vs. rejected connections
•
Acceptance rates and throttle limits
•
Reputation filter matches
•
Number of anti-spam messages for suspected spam and positively identified spam
•
Number of virus-positive message detected by anti-virus scanning