Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
17-9
AsyncOS 9.0 for Cisco Web Security Appliances User Guide
Chapter 17 File Reputation Filtering and File Analysis
Configuring File Reputation and Analysis Features
Step 3
Click Group Now.
Which Appliances Are In the Analysis Group?
Step 1
Select Security Services > File Reputation and Analysis.
Step 2
In the Appliance Grouping for File Analysis Cloud Reporting section, click View Appliances .
Step 3
To view the File Analysis Client ID of a particular appliance, look in the following location:
Configuring the Incoming Mail Policy for File Reputation Scanning and File
Analysis
Analysis
Step 1
Select Mail Policies > Incoming Mail Policies.
Step 2
Click the link in the Advanced Malware Protection column of the mail policy to modify.
Step 3
Choose options.
•
If you do not have an on-premises Cisco AMP Threat Grid Appliance and you do not want to send
files to the cloud, for example for confidentiality reasons, uncheck Enable File Analysis.
files to the cloud, for example for confidentiality reasons, uncheck Enable File Analysis.
•
Select the actions that AsyncOS must perform if an attachment is considered Unscannable.
Attachments are considered Unscannable when the appliance is unable to obtain information from
the file reputation service for any reason, for example because the connection timed out.
Attachments are considered Unscannable when the appliance is unable to obtain information from
the file reputation service for any reason, for example because the connection timed out.
Select the following:
–
Whether to deliver or drop the message.
–
Whether to archive the original message. Archived messages are stored as an mbox-format log
file in the
file in the
amparchive
directory on the appliance. The preconfigured AMP Archive
(
amparchive
) log subscription is required.
–
Whether to warn the end user by modifying the message subject, for example, [WARNING:
ATTACHMENT(S) MAY CONTAIN MALWARE].
ATTACHMENT(S) MAY CONTAIN MALWARE].
–
Whether to add a custom header to provide granular controls to the administrator.
•
Select the actions that AsyncOS must perform if an attachment is considered Malicious. Select the
following:
following:
–
Whether to deliver or drop the message.
Appliance
Location of File Analysis Client ID
Email Security
appliance
appliance
Advanced Settings for File Analysis section
on the Security Services > File Reputation and Analysis page.
on the Security Services > File Reputation and Analysis page.
Web Security
appliance
appliance
Advanced Settings for File Analysis section
on the Security Services > Anti-Malware and Reputation page.
on the Security Services > Anti-Malware and Reputation page.
Security Management
appliance
appliance
At the bottom of the Management Appliance > Centralized Services >
Security Appliances page.
Security Appliances page.