Cisco Email Security Appliance C160 White Paper

© 2016 Cisco and/or its affiliates. All rights reserved.
Step 2 Select Enable Content Filters (Customize settings) and select 
the policies you wish to enable on the email policy.
Step 3 The policies should include the two newly created policies: 
Block_URLs and Block_URL_Category.
Step 4 Click Submit. The policy should look like this:
Step 5 Click Commit Changes, enter a description of the changes in the 
Comment field, and click Commit Changes.
Note:
 It is important to put in a descriptive comment when committing 
changes. There is a feature at the command-line-interface (CLI) level 
that allows the email administrator to roll back the configuration to a 
previous version. This feature will display the last 10 commits, their date 
and time, and the description entered. If the comment field is not filled 
in at commit time, the field will be blank when a configuration rollback is 
attempted. This may complicate rolling back configurations. 
Configuring Outbreak Filters
Outbreak Filters is configured under Incoming Mail Policies for either the 
Default policy or one or more individual policies.
By default, only the day-zero virus protection is active, since the markup 
and rewriting of messages for blended threat protection are visible to end 
users. End users should be educated about the changes before rolling 
the blended threat protection out to the entire user community.
To determine if Outbreak Filters is enabled for blended threat protection, 
look at the Incoming Mail Policies for an entry of “Other: 4 hours” in the 
Outbreak Filters column. If it is missing, blended threat protection is 
not enabled.
Configuring Outbreak Filters
Step 1 Click to open Mail Policies > Incoming Mail Policies, then click 
Enable Outbreak Filtering (Customize Settings) for the desired mail 
policy. 
The IT Group is used as an example. Cisco recommends that Outbreak 
Filters be rolled out in a pilot program. This feature modifies email 
messages and makes security visible to end users, requiring clear 
messaging and user notification during deployment.
The top two configuration items are for the zero-day virus protection 
offered by Outbreak Filters. The Other Threats option is the Maximum 
Quarantine Retention timer for messages that are temporarily 
quarantined by Outbreak Filters’ blended threat protection. The “Deliver 
messages without adding them to quarantine” option allows you to 
bypass the use of a temporary quarantine for those blended threat 
messages. It is not recommended to use this bypass.
Step 2 Click Enable Message Modification to turn on the blended threat 
protection.
Cisco Email Security How-To Guide
How-To Protect Against URL-Based Attacks 
Cisco Public