Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
10-3
Cisco IronPort AsyncOS 7.5 for Email Configuration Guide
OL-25136-01
Chapter 10 Outbreak Filters
•
URL rewriting to redirect traffic to potentially harmful websites through the
Cisco web security proxy, which either warns users that the website they are
attempting to access may be malicious or blocks the website completely.
Cisco web security proxy, which either warns users that the website they are
attempting to access may be malicious or blocks the website completely.
These feature enhancements are designed to increase the system’s capture rate for
outbreaks, provide enhanced visibility into an outbreak, and protect your users’
computers and sensitive information.
outbreaks, provide enhanced visibility into an outbreak, and protect your users’
computers and sensitive information.
Your Cisco IronPort appliance ships with a 30-day evaluation license for the
Outbreak Filters feature.
Outbreak Filters feature.
Threat Categories
The Outbreak Filters feature provides protection from two categories of
message-based outbreaks: virus outbreaks, which are messages with
never-before-seen viruses in their attachments, and non-viral threats, which
includes phishing attempts, scams, and malware distribution through links to an
external website.
message-based outbreaks: virus outbreaks, which are messages with
never-before-seen viruses in their attachments, and non-viral threats, which
includes phishing attempts, scams, and malware distribution through links to an
external website.
By default, the Outbreak Filters feature scans your incoming and outgoing
messages for possible viruses during an outbreak. You can enable scanning for
non-viral threats in addition to virus outbreaks if you enable anti-spam scanning
on the appliance.
messages for possible viruses during an outbreak. You can enable scanning for
non-viral threats in addition to virus outbreaks if you enable anti-spam scanning
on the appliance.
Note
Your appliance needs a feature key for IronPort Anti-Spam or IronPort Intelligent
Multi-Scan in order for Outbreak Filters to scan for non-viral threats.
Multi-Scan in order for Outbreak Filters to scan for non-viral threats.
Virus Outbreaks
The Outbreak Filters feature provides you with a head start when battling virus
outbreaks. An outbreak occurs when messages with attachments containing
never-before-seen viruses or variants of existing viruses spread quickly through
private networks and the Internet. As these new viruses or variants hit the Internet,
the most critical period is the window of time between when the virus is released
and when the anti-virus vendors release an updated virus definition. Having
advanced notice — even a few hours — is vital to curbing the spread of the
malware or virus. During that vulnerability window, the newly-found virus can
propagate globally, bringing email infrastructure to a halt.
outbreaks. An outbreak occurs when messages with attachments containing
never-before-seen viruses or variants of existing viruses spread quickly through
private networks and the Internet. As these new viruses or variants hit the Internet,
the most critical period is the window of time between when the virus is released
and when the anti-virus vendors release an updated virus definition. Having
advanced notice — even a few hours — is vital to curbing the spread of the
malware or virus. During that vulnerability window, the newly-found virus can
propagate globally, bringing email infrastructure to a halt.