Cisco Cisco Email Security Appliance C160 Mode D'Emploi
2-2
Cisco IronPort AsyncOS 7.6 for Email Daily Management Guide
OL-25138-01
Chapter 2 Using Email Security Monitor
Email Security Monitor Pages
•
Reputation filter matches
•
Number of anti-spam messages for suspected spam and positively identified spam
•
Number of virus-positive message detected by anti-virus scanning
See the “Anti-Spam” chapter in the Cisco IronPort AsyncOS Configuration Guide for more information
on Anti-Spam scanning and the “Anti-Virus” chapter in the Cisco IronPort AsyncOS Configuration
Guide for more information on anti-virus scanning.
on Anti-Spam scanning and the “Anti-Virus” chapter in the Cisco IronPort AsyncOS Configuration
Guide for more information on anti-virus scanning.
The Email Security Monitor feature also captures information on which content filter a particular
message triggers, including the internal user (email recipient) to or from which the message was sent.
message triggers, including the internal user (email recipient) to or from which the message was sent.
The Email Security Monitor feature is available in the GUI only, and provides a view into your email
traffic and the status of your Cisco IronPort appliance (including quarantines, work queues, and
outbreaks). The appliance identifies when a sender falls outside of the normal traffic profile. Senders that
do are highlighted in the interface, allowing you to take corrective action by assigning that sender to a
sender group or refining the access profile of the sender; or, you can let AsyncOS’s security services
continue to react and respond. Outbound mail has a similar monitoring capability, providing you a view
into the top domains in the mail queue and the status of receiving hosts (see
traffic and the status of your Cisco IronPort appliance (including quarantines, work queues, and
outbreaks). The appliance identifies when a sender falls outside of the normal traffic profile. Senders that
do are highlighted in the interface, allowing you to take corrective action by assigning that sender to a
sender group or refining the access profile of the sender; or, you can let AsyncOS’s security services
continue to react and respond. Outbound mail has a similar monitoring capability, providing you a view
into the top domains in the mail queue and the status of receiving hosts (see
).
Note
Information for messages present in the work queue when the appliance is rebooted is not reported by
the Email Security Monitor feature.
the Email Security Monitor feature.
Email Security Monitor and Centralized Management
In this version of AsyncOS, you cannot aggregate Email Security Monitor reports of clustered Cisco
IronPort appliances. All reports are restricted to machine level. This means they cannot be run at the
group or cluster levels — only on individual machines.
IronPort appliances. All reports are restricted to machine level. This means they cannot be run at the
group or cluster levels — only on individual machines.
The same is true of the Archived Reports page — each machine in effect has its own archive. Thus, the
“Generate Report” feature runs on the selected machine.
“Generate Report” feature runs on the selected machine.
The Scheduled Reports page is not restricted to machine level; therefore, settings can be shared across
multiple machines. Individual scheduled reports run at machine level just like interactive reports, so if
you configure your scheduled reports at cluster level, every machine in the cluster will send its own
report.
multiple machines. Individual scheduled reports run at machine level just like interactive reports, so if
you configure your scheduled reports at cluster level, every machine in the cluster will send its own
report.
The “Preview This Report” button always runs against the login-host.
Email Security Monitor Pages
The Email Security Monitor feature is the first page displayed after you access the GUI. To view the
Email Security Monitor feature, access the GUI. (See the “Overview” chapter in the Cisco IronPort
AsyncOS for Email Configuration Guide.) The Overview page on the Monitor menu is displayed. If you
have completed the System Setup Wizard (or the CLI
Email Security Monitor feature, access the GUI. (See the “Overview” chapter in the Cisco IronPort
AsyncOS for Email Configuration Guide.) The Overview page on the Monitor menu is displayed. If you
have completed the System Setup Wizard (or the CLI
systemsetup
command) and committed the
changes, at least one public listener should already be configured to accept email on your appliance. If
the appliance is accepting email, the Overview page will be populated with data.
the appliance is accepting email, the Overview page will be populated with data.
The Email Security Monitor feature is comprised of all the pages available on the Monitor menu except
the Quarantines pages.
the Quarantines pages.