Cisco Email Security Appliance X1050 User Guide
Chapter 10 Virus Outbreak Filters
Cisco IronPort AsyncOS 7.1 for Email Configuration Guide
OL-22158-02
Virus Outbreak Filters Overview
The Virus Outbreak Filters engine compares incoming messages with published
Virus Outbreak Filter rules. Messages that match rules are assigned a threat level
and that threat level is compared to the threat level threshold you set. Messages
that meet or exceed that threshold are quarantined.
The process of outbreak detection and filtering begins with SenderBase:
SenderBase tracks more than 20 million IP addresses and has a view into
approximately 25% of the world’s email traffic. IronPort uses historical
SenderBase data to create a statistical view of normal global traffic patterns. The
Virus Outbreak Filters engine depends on the set of rules that are used to
determine threat levels of incoming messages.
Virus Outbreak Filters - Next Generation Preventive Solution
The Virus Outbreak Filters feature has significant enhancements in features and
usability. At a high level the enhancements include, but are not limited to:
• Increased granularity of Outbreak Rules (including anti-virus signature rules)
• Addition of CASE (Context Adaptive Scanning Engine) scanning
• Addition of Adaptive Rules
• Dynamic Quarantine (periodic message re-evaluation, auto release based on anti-virus update, enhanced overflow options, etc.)
• Better Quarantine Management (enhanced visibility, search/sort options, alerts, etc.)
These feature enhancements are designed to increase the system's capture rate for
outbreaks and provide enhanced visibility into an outbreak along with increased
ease of use and management of outbreak messages.