Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
17-10
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 17 File Reputation Filtering and File Analysis
Configuring File Reputation and Analysis Features
Step 8
Submit and commit your changes.
Step 9
If you are using an on-premises Cisco AMP Threat Grid appliance, activate the account for this appliance
on the AMP Threat Grid appliance.
on the AMP Threat Grid appliance.
Complete instructions for activating the “user” account are available in the AMP Threat Grid
documentation.
documentation.
a.
Note the File Analysis Client ID that appears at the bottom of the page. This identifies the “user”
that you will activate.
that you will activate.
b.
Sign in to the AMP Threat Grid appliance.
c.
Select Welcome... > Manage Users and navigate to User Details.
d.
Locate the “user” account based on the File Analysis Client ID of your Email Security appliance.
e.
Activate this “user” account for your appliance.
(Public Cloud File Analysis Services Only) Configuring Appliance Groups
In order to allow all content security appliances in your organization to view file analysis result details
in the cloud for files sent for analysis from any appliance in your organization, you need to join all
appliances to the same appliance group.
in the cloud for files sent for analysis from any appliance in your organization, you need to join all
appliances to the same appliance group.
Step 1
Select Security Services > File Reputation and Analysis.
Option
Description
File Analysis Server URL
Choose either: the name (URL) of an external cloud server,
or Private analysis cloud.
or Private analysis cloud.
If specifying an external cloud server, choose the server
that is physically nearest to your appliance.Newly available
servers will be added to this list periodically using standard
update processes.
that is physically nearest to your appliance.Newly available
servers will be added to this list periodically using standard
update processes.
Choose Private analysis cloud to use an on-premises
Cisco AMP Threat Grid appliance for file analysis, and
provide the following:
Cisco AMP Threat Grid appliance for file analysis, and
provide the following:
•
Server – The URL of the on-premises private analysis
cloud server.
cloud server.
•
Certificate Authority – Choose either Use Cisco
Default Certificate Authority, or Use Uploaded
Certificate Authority.
Default Certificate Authority, or Use Uploaded
Certificate Authority.
If you choose Use Uploaded Certificate Authority,
click Browse to upload a valid certificate file for
encrypted communications between this appliance and
your private cloud appliance. This must be the same
certificate used by the private cloud server.
click Browse to upload a valid certificate file for
encrypted communications between this appliance and
your private cloud appliance. This must be the same
certificate used by the private cloud server.
File Analysis Client ID
The client ID for this appliance on the File Analysis server
(read-only).
(read-only).