Cisco Cisco Email Security Appliance C160 Mode D'Emploi
31-4
Cisco AsyncOS 8.0.2 for Email User Guide
Chapter 31 SenderBase Network Participation
Frequently Asked Questions
(a) Filenames will be encoded in a 1-way hash (MD5).
(b) Filenames will be sent in an obfuscated form, with all lowercase ASCII letters ([a-z]) replaced with “a,” all uppercase ASCII
letters ([A-Z]) replaced with “A,” any multi-byte UTF-8 characters replaced with “x” (to provide privacy for other character
sets), all ASCII digits ([0-9]) replaced with “0,” and all other single byte characters (whitespace, punctuation, etc.)
maintained. For example, the file Britney1.txt.pif would appear as Aaaaaaa0.aaa.pif.
sets), all ASCII digits ([0-9]) replaced with “0,” and all other single byte characters (whitespace, punctuation, etc.)
maintained. For example, the file Britney1.txt.pif would appear as Aaaaaaa0.aaa.pif.
(c) URL hostnames point to a web server providing content, much as an IP address does. No confidential information, such as
usernames and passwords, are included.
(d) URL information following the hostname is obfuscated to ensure that any personal information of the user is not revealed.
What does Cisco do to make sure that the data I share is secure?
If you agree to participate in the SenderBase Network:
•
Data sent from your Cisco appliances will be sent to the Cisco SenderBase Network servers using
the secure protocol HTTPS.
the secure protocol HTTPS.
•
All customer data will be handled with care at Cisco. This data will be stored in a secure location
and access to the data will be limited to employees and contractors at Cisco who require access in
order to improve the company's email security products and services or provide customer support.
and access to the data will be limited to employees and contractors at Cisco who require access in
order to improve the company's email security products and services or provide customer support.
•
No information identifying email recipients or the customer's company will be shared outside of
Cisco Systems when reports or statistics are generated based on the data.
Cisco Systems when reports or statistics are generated based on the data.
Will sharing data impact the performance of my Cisco appliances?
Cisco believes that there will be a minimal performance impact for most customers. We record data that
already exists as part of the mail delivery process. Customer data is then aggregated on the appliance and
sent to SenderBase servers in batches, typically every 5 minutes. We anticipate that the total size of data
transferred via HTTPS will be less than 1% of the bandwidth of a typical company's email traffic.
already exists as part of the mail delivery process. Customer data is then aggregated on the appliance and
sent to SenderBase servers in batches, typically every 5 minutes. We anticipate that the total size of data
transferred via HTTPS will be less than 1% of the bandwidth of a typical company's email traffic.
When enabled, the Context Adaptive Scanning Engine (CASE) is used to collect and report the data
(regardless of whether or not Cisco anti-spam scanning is enabled).
(regardless of whether or not Cisco anti-spam scanning is enabled).
Note
If you choose to participate in the SenderBase Network, a “body scan” is performed on each message.
This happens regardless of whether a filter or other action applied to the message would have triggered
a body scan. See “
This happens regardless of whether a filter or other action applied to the message would have triggered
a body scan. See “
” for more information about body scanning.
If you have additional questions, please contact Cisco Customer Support. See
.
Correlation of attachment types, true file type, and
container type
container type
100 attachments that have a “.doc” extension but are
actually “.exe”
actually “.exe”
50 attachments are “.exe” extensions within a zip
Correlation of extension and true file type with
attachment size
attachment size
30 attachments were “.exe” within the 50-55K range
Table 31-2
Statistics Shared Per IP Address
Item
Sample Data (continued)