Cisco Cisco Email Security Appliance C160 Mode D'Emploi
27-20
Cisco AsyncOS 8.5.5 for Email Security User Guide
Chapter 27 Using Email Security Monitor
Email Security Monitor Pages
•
Results of click-time URL evaluations by the Cisco Web Security proxy are not reflected in reports.
File Reputation and File Analysis Reports
For the following reports, see
•
Advanced Malware Protection
•
File Analysis
•
AMP Verdict Updates
TLS Connections Page
The TLS Connections pages shows the overall usage of TLS connections for sent and received mail. The
report also shows details for each domain sending mail using TLS connections.
report also shows details for each domain sending mail using TLS connections.
The TLS Connections page can be used to determine the following information:
•
Overall, what portion of incoming and outgoing connections use TLS?
•
What partners do I have successful TLS connections with?
•
What partners do I have unsuccessful TLS connections with?
•
What partners have issue with their TLS certificates?
•
What percent of overall mail with a partner uses TLS?
The TLS Connections page is divided into a section for incoming connections and a section for outgoing
connections. Each section includes a graph, summaries, and a table with details.
connections. Each section includes a graph, summaries, and a table with details.
The graph displays a view of incoming or outgoing TLS-encrypted and non-encrypted connections over
the time range you specify. The graph displays the total volume of messages, the volume of encrypted
and unencrypted messages, and the volume of successful and failed TLS encrypted messages. The
graphs distinguish between connections in which TLS was required and connections in which TLS was
merely preferred.
the time range you specify. The graph displays the total volume of messages, the volume of encrypted
and unencrypted messages, and the volume of successful and failed TLS encrypted messages. The
graphs distinguish between connections in which TLS was required and connections in which TLS was
merely preferred.
The table displays details for domains sending or receiving encrypted messages. For each domain, you
can view the number of required and preferred TLS connections that were successful and that failed, the
total number of TLS connections attempted (whether successful or failed), and the total number of
unencrypted connections. You can also view the percentage of all connections in which TLS was
attempted, and the total number of encrypted messages sent successfully, regardless of whether TLS was
preferred or required. You can show or hide columns by clicking the Columns link at the bottom of this
table.
can view the number of required and preferred TLS connections that were successful and that failed, the
total number of TLS connections attempted (whether successful or failed), and the total number of
unencrypted connections. You can also view the percentage of all connections in which TLS was
attempted, and the total number of encrypted messages sent successfully, regardless of whether TLS was
preferred or required. You can show or hide columns by clicking the Columns link at the bottom of this
table.
Inbound SMTP Authentication Page
The Inbound SMTP Authentication page shows the use of client certificates and the SMTP AUTH
command to authenticate SMTP sessions between the Email Security appliance and users’ mail clients.
If the appliance accepts the certificate or SMTP AUTH command, it will establish a TLS connection to
the mail client, which the client will use to send a message. Since it is not possible for the appliance to
track these attempts on a per-user basis, the report shows details on SMTP authentication based on the
domain name and domain IP address.
command to authenticate SMTP sessions between the Email Security appliance and users’ mail clients.
If the appliance accepts the certificate or SMTP AUTH command, it will establish a TLS connection to
the mail client, which the client will use to send a message. Since it is not possible for the appliance to
track these attempts on a per-user basis, the report shows details on SMTP authentication based on the
domain name and domain IP address.
Use this report to determine the following information: