Cisco Cisco Content Security Management Appliance M1070 Mode D'Emploi
3-31
Cisco IronPort AsyncOS 7.2.0 for Security Management User Guide
OL-21768-01
Chapter 3 Using Centralized Email Reporting
Virus Outbreaks Page
The Virus Outbreaks page shows information about recent outbreaks and the
messages quarantined by Virus Outbreak Filters. Use this page to monitor your
defense against virus attacks.
messages quarantined by Virus Outbreak Filters. Use this page to monitor your
defense against virus attacks.
Outbreak Summary
The Outbreak Summary section lists global and local outbreaks. You can compare
local network virus trends to global trends. Global outbreak data represent all
outbreaks detected by the Cisco IronPort Threat Operations Center that exceeded
the currently configured threshold for an outbreak quarantine. Not every global
outbreak affects your Email Security appliances. Local outbreak data represent
only the outbreaks that affected your Email Security appliances. The Total Local
Protection Time is the difference between when each threat was detected by the
Cisco IronPort Threat Operations Center and the release of an anti-virus signature
by a major vendor.
local network virus trends to global trends. Global outbreak data represent all
outbreaks detected by the Cisco IronPort Threat Operations Center that exceeded
the currently configured threshold for an outbreak quarantine. Not every global
outbreak affects your Email Security appliances. Local outbreak data represent
only the outbreaks that affected your Email Security appliances. The Total Local
Protection Time is the difference between when each threat was detected by the
Cisco IronPort Threat Operations Center and the release of an anti-virus signature
by a major vendor.
Quarantined Messages
The Quarantined Messages section summarizes Virus Outbreak Filters
quarantining. It is a gauge of the number of potential threat messages that Virus
Outbreak Filters are catching. Quarantined messages are counted at time of
release. Typically, messages are quarantined before anti-virus signatures are
available. When released, the messages are scanned by the anti-virus software and
determined to be virus positive or clean. If anti-virus software is not enabled on
an Email Security appliance, the number of virus positive messages detected is
zero.
quarantining. It is a gauge of the number of potential threat messages that Virus
Outbreak Filters are catching. Quarantined messages are counted at time of
release. Typically, messages are quarantined before anti-virus signatures are
available. When released, the messages are scanned by the anti-virus software and
determined to be virus positive or clean. If anti-virus software is not enabled on
an Email Security appliance, the number of virus positive messages detected is
zero.
For historical reporting, messages are counted at the time of release from the
Outbreak quarantine. Because of the dynamic nature of Virus Outbreak tracking,
the rule under which a message is quarantined (and even the associated outbreak)
may change while the message is in the quarantine. Counting the messages at the
time of release (rather than the time of entry into the quarantine) avoids the
confusion of having counts that fluctuate.
Outbreak quarantine. Because of the dynamic nature of Virus Outbreak tracking,
the rule under which a message is quarantined (and even the associated outbreak)
may change while the message is in the quarantine. Counting the messages at the
time of release (rather than the time of entry into the quarantine) avoids the
confusion of having counts that fluctuate.
To view the number of messages currently in the Outbreak quarantine, choose
Monitor > Local Quarantines page on the Email Security appliance.
Monitor > Local Quarantines page on the Email Security appliance.