Cisco Cisco Email Security Appliance X1070 Guía Del Usuario
Chapter 8 Anti-Spam
8-264
Cisco IronPort AsyncOS 7.1 for Email Configuration Guide
OL-22158-02
IronPort Anti-Spam and CASE: an Overview
IronPort Anti-Spam filtering is based on Context Adaptive Scanning Engine
(CASE) ™, and is the first anti-spam scanning engine to combine email and web
reputation information to:
(CASE) ™, and is the first anti-spam scanning engine to combine email and web
reputation information to:
•
Eliminate the broadest range of email threats — detect spam, “phishing,”
zombie-based attacks, and other “blended” threats.
zombie-based attacks, and other “blended” threats.
•
Deliver the highest accuracy — anti-spam rules based on email and web
reputation from SenderBase Reputation Service.
reputation from SenderBase Reputation Service.
•
Offer ease of use — due to reduced hardware and administrative costs.
•
Deliver industry leading performance — CASE uses dynamic early exit
criteria and off-box network calculations to deliver breakthrough
performance.
criteria and off-box network calculations to deliver breakthrough
performance.
•
Address the needs of international users — IronPort Anti-Spam is tuned to
deliver industry-leading efficacy world-wide.
deliver industry-leading efficacy world-wide.
Broadest Threat Prevention
CASE combines content analysis, email reputation, and web reputation to deliver
the broadest set of threat prevention factors.
the broadest set of threat prevention factors.
IronPort designed IronPort Anti-Spam from the ground up to detect the broadest
range of email threats. IronPort Anti-Spam addresses a full range of known threats
including spam, phishing and zombie attacks, as well as hard-to-detect low
volume, short-lived email threats such as “419” scams. In addition, IronPort
Anti-Spam identifies new and evolving blended threats such as spam attacks
distributing malicious content through a download URL or an executable.
range of email threats. IronPort Anti-Spam addresses a full range of known threats
including spam, phishing and zombie attacks, as well as hard-to-detect low
volume, short-lived email threats such as “419” scams. In addition, IronPort
Anti-Spam identifies new and evolving blended threats such as spam attacks
distributing malicious content through a download URL or an executable.
To identify these threats, IronPort Anti-Spam uses the industry's most complete
approach to threat detection, examining the full context of a message-its content,
methods of message construction, the reputation of the sender, and the reputation
of web sites advertised in the message and more. Only IronPort Anti-Spam
combines the power of email and web reputation data, leveraging the full power
of the world's largest email and web traffic monitoring network — SenderBase —
to detect new attacks as soon as they begin.
approach to threat detection, examining the full context of a message-its content,
methods of message construction, the reputation of the sender, and the reputation
of web sites advertised in the message and more. Only IronPort Anti-Spam
combines the power of email and web reputation data, leveraging the full power
of the world's largest email and web traffic monitoring network — SenderBase —
to detect new attacks as soon as they begin.