Cisco Cisco Email Security Appliance C160 Mode D'Emploi

The Cisco Content Security Management appliance lets you separate the end-user interfaces (such as 
mail applications) from the more secure gateway systems residing in your various DMZs. Using a 
two-layer firewall can provide you with flexibility in network planning so that end users do not connect 
directly to the outer DMZ. 

 shows a typical network configuration incorporating the Security Management appliance 

and multiple DMZs.

Large corporate data centers can share one Security Management appliance which acts as an external 
spam quarantine for one or more Email Security appliances. Meanwhile, remote offices can maintain 
local spam quarantines on Email Security appliances for local use. 

If your network is configured as described in 

, incoming mail from the Internet is received 

by appliances in the outer DMZ. Clean mail is sent along to the mail transfer agent (MTA) (groupware) 
in the inner DMZ and eventually to the end users within the corporate network.

Spam and suspected spam (depending on your mail flow policy settings) is sent to the spam quarantine 
on the Security Management appliance. End users may then access the quarantine and elect to delete 
spam and release messages that they would like to have delivered to themselves. Messages remaining in 
the spam quarantine are automatically deleted after a configurable amount of time.