Cisco Cisco Email Security Appliance C160 Mode D'Emploi

(Optional) Adjust the Advanced settings for the reputation query:

Submit and commit your changes. 

Select Mail Policies > Incoming Mail Policies.

Click the link in the Advanced Malware Protection column of the mail policy to modify. 

Choose options. 

If you do not want to send files to the cloud, for example for confidentiality reasons, deselect Enable 
File Analysis. 

Attachments are considered "Unscannable" when the appliance is unable to obtain information from 
the file reputation service for any reason, for example because the connection timed out. 

Archived messages will be stored as an mbox-format log file in the 

amparchive

 directory on the 

appliance. The preconfigured AMP Archive (amparchive) log subscription is required. 

To perform an action not directly available on this page, see the configuration example at 

. 

Submit and commit your changes. 

To quarantine messages with attachments that have been sent for analysis, use an X-Header or Custom 
Header and content filters. 

SSL Communication for File Reputation

Check Use SSL (Port 443) to communicate on port 443 
instead of the default port, 32137.

This option also allows you to configure an upstream proxy 
for file reputation.

SSL communication over port 32137 may require 
you to open that port in your firewall.

Reputation Threshold

Use value from Cloud Service

Enter custom value

The upper limit for acceptable file reputation scores. 
Scores above this threshold indicate the file is infected.