Cisco Cisco Email Security Appliance C650 Guía Del Usuario
4-6
Cisco IronPort AsyncOS 7.6 for Email Daily Management Guide
OL-25138-01
Chapter 4 Quarantines
Managing System Quarantines via the Graphical User Interface (GUI)
System Quarantine Performance
Messages stored in system quarantines use system memory in addition to hard drive space. Storing
hundreds of thousands of messages in system quarantines on a single appliance may cause a decrease in
the appliance’s performance due to excessive memory usage. The appliance takes more time to
quarantine, delete, and release messages, which causes message processing to slow down and the email
pipeline to back up.
hundreds of thousands of messages in system quarantines on a single appliance may cause a decrease in
the appliance’s performance due to excessive memory usage. The appliance takes more time to
quarantine, delete, and release messages, which causes message processing to slow down and the email
pipeline to back up.
Cisco recommends storing an average of less than 20,000 messages in your system quarantines to ensure
that Email Security appliance processes email at a normal rate.
that Email Security appliance processes email at a normal rate.
Users and User Groups
Users belonging to the Administrators group have access to quarantines by default. Users in the
Operators, Guests, Read-Only Operators, and Help Desk Users groups, as well as custom user roles with
quarantines access privileges, can be assigned to a quarantine (so that they may view, process, or search
messages within a quarantine), but cannot change the quarantine's configuration (e.g. the size, retention
period, etc.), or create or delete quarantines. Users in the Technicians group cannot access quarantines.
Operators, Guests, Read-Only Operators, and Help Desk Users groups, as well as custom user roles with
quarantines access privileges, can be assigned to a quarantine (so that they may view, process, or search
messages within a quarantine), but cannot change the quarantine's configuration (e.g. the size, retention
period, etc.), or create or delete quarantines. Users in the Technicians group cannot access quarantines.
Creating System Quarantines
You can create new system quarantines to hold messages. The basic workflow for setting up a quarantine
is:
is:
1.
Create users who will interact with the quarantine.
a.
Local Users. A quarantine's user list contains local users in all user groups, except
Administrators. Users in the Administrators group always have full access to the quarantine. For
more information, see
Administrators. Users in the Administrators group always have full access to the quarantine. For
more information, see
b.
External Users. You can also enable your Cisco IronPort appliance to use an external directory
to authenticate users and select which user groups have access to the quarantine. For more
information, see
to authenticate users and select which user groups have access to the quarantine. For more
information, see
c.
Delegated Administrators. You can create a custom user role with quarantine access privileges
and assign local users to the group to act as delegated administrators for the quarantine. For
more information, see
and assign local users to the group to act as delegated administrators for the quarantine. For
more information, see
.
2.
Create the quarantine, following the steps below.
3.
Create filters that will move messages to the quarantine. For more information about creating filters,
see the “Email Security Manager” chapter in the Cisco IronPort AsyncOS for Email Configuration
Guide and refer to “Using Message Filters to Enforce Email Policies” in the Cisco IronPort AsyncOS
for Email Advanced Configuration Guide.
see the “Email Security Manager” chapter in the Cisco IronPort AsyncOS for Email Configuration
Guide and refer to “Using Message Filters to Enforce Email Policies” in the Cisco IronPort AsyncOS
for Email Advanced Configuration Guide.
To create a system quarantine:
Step 1
Click Add Quarantine on the Quarantines page. The Add Quarantine page is displayed.
Step 2
Type a name for the quarantine.
Step 3
Specify the space (in megabytes) to allocate for the quarantine. For more information, see
Step 4
Select a Retention Period, or time to keep a message in the quarantine before the default action in
performed on the message. For more information, see
performed on the message. For more information, see
Step 5
Select a Default Action (Delete or Release).