Cisco Cisco Email Security Appliance C160 Mode D'Emploi

(a) Filenames will be encoded in a 1-way hash (MD5). 

(b) Filenames will be sent in an obfuscated form, with all lowercase ASCII letters ([a-z]) replaced with “a,” all uppercase ASCII 

letters ([A-Z]) replaced with “A,” any multi-byte UTF-8 characters replaced with “x” (to provide privacy for other character 
sets), all ASCII digits ([0-9]) replaced with “0,” and all other single byte characters (whitespace, punctuation, etc.) 
maintained. For example, the file Britney1.txt.pif would appear as Aaaaaaa0.aaa.pif.

(c) URL hostnames point to a web server providing content, much as an IP address does. No confidential information, such as 

usernames and passwords, are included. 

(d) URL information following the hostname is obfuscated to ensure that any personal information of the user is not revealed.

From AsyncOS 8.5 for Email and later, if IronPort Anti-Spam or Intelligent Multi-Scan feature keys are 
active and SenderBase Network Participation is enabled, AsyncOS performs the following actions to 
improve the efficacy of the product:

Collects information about repetition of certain headers in messages, encrypts the collected 
information, and adds the encrypted information to the respective messages as headers.

You can submit these processed messages to Cisco for analysis. Each message is reviewed by a team 
of human analysts and used to enhance the efficacy of the product. For instructions to submit 
messages to Cisco for analysis, see 

Sends a random sample of messages to CASE for Antispam scanning, irrespective of their sender's 
SBRS. CASE scans these messages and uses the results to improve the efficacy of the product. 
AsyncOS performs this action only when it is idle. As a result, this feedback mechanism does not 
have any significant impact on the processing of messages.

If you agree to participate in the SenderBase Network: 

Data sent from your Cisco appliances will be sent to the Cisco SenderBase Network servers using 
the secure protocol HTTPS. 

All customer data will be handled with care at Cisco. This data will be stored in a secure location 
and access to the data will be limited to employees and contractors at Cisco who require access in 
order to improve the company's email security products and services or provide customer support. 

No information identifying email recipients or the customer's company will be shared outside of 
Cisco Systems when reports or statistics are generated based on the data. 

100 attachments that have a “.doc” extension but are 
actually “.exe”

50 attachments are “.exe” extensions within a zip

30 attachments were “.exe” within the 50-55K range