Manualsbrain.com
  1. Manuels
  2. Marques
  3. Cisco
  4. Cisco Email Security Appliance C160
  5. Mode D'Emploi

Cisco Cisco Email Security Appliance C160 Mode D'Emploi

Télécharger
Page de 1181
 
17-14
AsyncOS 9.0 for Cisco Web Security Appliances User Guide
 
Chapter 17      File Reputation Filtering and File Analysis
  File Reputation and File Analysis Reporting and Tracking
Related Topics 
Configuring Centralized Reporting for Advanced Malware Protection Features 
If you will centralize reporting on a Security Management appliance, see important configuration 
requirements in the Advanced Malware Protection sections in the email reporting chapter of the online 
help or user guide for your management appliance. 
File Reputation and File Analysis Reporting and Tracking 
Identifying Files by SHA-256 Hash 
Because filenames can easily be changed, the appliance generates an identifier for each file using a 
Secure Hash Algorithm (SHA-256). If an appliance processes the same file with different names, all 
instances are recognized as the same SHA-256. If multiple appliances process the same file, all instances 
of the file have the same SHA-256 identifier. 
In most reports, files are listed by their SHA-256 value (in an abbreviated format).  
File Reputation and File Analysis Report Pages 
Report Description 
Advanced Malware 
Protection 
Shows file-based threats that were identified by the file reputation service. 
For files with changed verdicts, see the AMP Verdict updates report. Those 
verdicts are not reflected in the Advanced Malware Protection report.
Note
If one of the extracted files from a compressed or an archive file is 
malicious, only SHA value of the compressed or archive file is 
included in the Advanced Malware Protection report.