Cisco Cisco Email Security Appliance C170 Mode D'Emploi
16-15
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 16 Protecting Against Malicious or Undesirable URLs
Troubleshooting URL Filtering
Malicious URLs and Marketing Messages Are Not Caught by Anti-Spam or
Outbreak Filters
Outbreak Filters
Problem
Malicious URLs and messages containing marketing links are not caught by the anti-spam or
outbreak filters.
Solution
•
This can occur because web site reputation and category are only two among many criteria that
anti-spam and outbreak filters use to determine their verdicts. You can increase the sensitivity of
these filters by lowering the thresholds required to take action such as rewriting or replacing URLs
with text, or quarantining or dropping messages. For details, see
anti-spam and outbreak filters use to determine their verdicts. You can increase the sensitivity of
these filters by lowering the thresholds required to take action such as rewriting or replacing URLs
with text, or quarantining or dropping messages. For details, see
. Alternatively, create content
or message filters based on URL reputation score.
•
This can also occur if the Email Security appliance is unable to connect to the Cisco Web Security
Services. See
Services. See
.
URLs in a Filtered Category Are Not Handled Correctly
Problem
The defined action in a content or message filter based on URL category is not applied.
Solution
•
Use the Trace feature (described in the Troubleshooting chapter) to follow the message processing
path.
path.
•
This can occur if the Email Security appliance is unable to connect to the Cisco Web Security
Services. See
Services. See
.
•
If there are no connection issues, the URLs may not yet be categorized, or may be miscategorized.
See
See
. You can use this site to
determine the category of a URL.
End User Reaches Malicious Site via Rewritten URL
Problem
A malicious URL was redirected to the Cisco Web Security Proxy, but the end user was able to
access the site anyway.
Solution
This can occur if:
•
The site was not yet identified as a malicious site.
•
The connection to the Cisco Web Security Proxy timed out, which should be a rare occurrence.
Ensure that network issues are not interfering with the connection.
Ensure that network issues are not interfering with the connection.
Manually Configuring a Certificate for Communication with Cisco Web
Security Services
Security Services
Use this procedure if the appliance is unable to automatically obtain a certificate for communication with
Cisco Web Security Services.
Cisco Web Security Services.