Cisco Cisco Email Security Appliance C160 Mode D'Emploi

Choose the operation you want to perform:

- SETUP - Change Outbreak Filters settings.

[]>

Outbreak Rules are published by the Cisco Security Intelligence Operations and your appliance checks 
for and downloads new outbreak rules every 5 minutes. You can change this update interval. See 

 for more information.

Because the Outbreak Filters Rules are automatically downloaded for you, there really is no management 
needed on the part of the user.

However, if for some reason your appliance is not able to reach Cisco’s update servers for new rules over 
a period of time, it is possible that your locally-cached scores are no longer valid, i.e., if a known viral 
attachment type now has an update in the anti-virus software and/or is no longer a threat. At this time, 
you may wish to no longer quarantine messages with these characteristics.

You can manually download updated outbreak rules from Cisco’s update servers by clicking Update 
Rules Now.

The Update Rules Now button does not “flush” all existing outbreak rules on the appliance. It only 
replaces outbreak rules that have been updated. If there are no updates available on Cisco’s update 
servers, then the appliance will not download any outbreak rules when you click this button.

By default, your appliance will attempt to download new Outbreak Filters rules every 5 minutes. You 
can change this interval via the Security Services > Service Updates page. For more information, see 

.

The Outbreak Filters feature has settings that can be set per mail policy. The Outbreak Filters feature can 
be enabled or disabled for each mail policy on the appliance. Specific file extensions and domains can 
be exempted from processing by the Outbreak Filters feature, per mail policy. This functionality is also 
available via the 

policyconfig

 CLI command (see the CLI Reference Guide for AsyncOS for Cisco 

Email Security Appliances).