Cisco Cisco Email Security Appliance C650 Guía Del Usuario
14-13
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 14 Outbreak Filters
Managing Outbreak Filters
Figure 14-3
Outbreak Filters Global Settings Page
Use this page to:
•
Enable Outbreak Filters globally
•
Enable Adaptive Rules scanning
•
Set a maximum size for files to scan (note that you are entering the size in bytes)
•
Enable alerts for the Outbreak Filter
Note that alerts and Adaptive Rules are not enabled by default. This functionality is also available via
the
the
outbreakconfig
CLI command (see the Cisco AsyncOS CLI Reference Guide). After you make your
changes, submit and commit them.
Note
You cannot enable the logging of URLs using the web interface. For instructions to enable logging of
URLs using CLI, see
URLs using CLI, see
.
Enabling the Outbreak Filters Feature
To enable the Outbreak Filters feature globally, check the box next to Enable Outbreak Filters on the
Outbreak Filters Global Settings page, and click Submit. You must have agreed to the Outbreak Filters
license agreement first.
Outbreak Filters Global Settings page, and click Submit. You must have agreed to the Outbreak Filters
license agreement first.
Once enabled globally, the Outbreak Filters feature can then be enabled or disabled individually for each
incoming and outgoing mail policy, including the default policies. For more information, see
incoming and outgoing mail policy, including the default policies. For more information, see
The Outbreak Filters feature uses the Context Adaptive Scanning Engine (CASE) to detect viral threats,
regardless of whether anti-spam scanning is enabled, but you do need to have Anti-Spam or Intelligent
Multi-Scan enabled globally on the appliance in order to scan for non-viral threats.
regardless of whether anti-spam scanning is enabled, but you do need to have Anti-Spam or Intelligent
Multi-Scan enabled globally on the appliance in order to scan for non-viral threats.
Note
If you have not already agreed to the license during system setup (see
must click Enable on the Security Services > Outbreak Filters page, and then read and agree to the
license.
license.
Enabling Adaptive Rules
Adaptive Scanning enables the use of Adaptive Rules in Outbreak Filters. A set of factors or traits (file
size, etc.) are used to determine the likelihood of a message being part of an outbreak when no virus
signature or spam criteria relating to the message’s content is available. To enable Adaptive Scanning,
check the box next to Enable Adaptive Rules on the Outbreak Filters Global Settings page, and click
Submit.
size, etc.) are used to determine the likelihood of a message being part of an outbreak when no virus
signature or spam criteria relating to the message’s content is available. To enable Adaptive Scanning,
check the box next to Enable Adaptive Rules on the Outbreak Filters Global Settings page, and click
Submit.