Cisco Cisco Content Security Management Appliance M390 Guida Utente
4-36
AsyncOS 9.5.2 for Cisco Content Security Management Appliances User Guide
Chapter 4 Using Centralized Email Security Reporting
Understanding the Email Reporting Pages
Other modules on this page provide:
•
The number of incoming messages processed by Outbreak Filters in the selected time period.
Non-viral threats include phishing emails, scams, and malware distribution using links to an external
website.
website.
•
Severity of threats caught by Outbreak Filters.
Level 5 threats are severe in scope or impact, while Level 1 represents low threat risk. For
descriptions of threat levels, see the online help or user guide for your Email Security appliance.
descriptions of threat levels, see the online help or user guide for your Email Security appliance.
•
Length of time messages spent in the Outbreak Quarantine.
This duration is determined by the time it takes the system to compile enough data about the
potential threat to make a verdict on its safety. Messages with viral threats typically spend more time
in the quarantine than those with non-viral threats, because they must wait for anti-virus program
updates. The maximum retention time that you specify for each mail policy is also reflected.
potential threat to make a verdict on its safety. Messages with viral threats typically spend more time
in the quarantine than those with non-viral threats, because they must wait for anti-virus program
updates. The maximum retention time that you specify for each mail policy is also reflected.
•
The URLs most frequently rewritten to redirect message recipients to the Cisco Web Security Proxy
for click-time evaluation of the site if and when the recipient clicks a potentially malicious link in a
message.
for click-time evaluation of the site if and when the recipient clicks a potentially malicious link in a
message.
This list may include URLs that are not malicious, because if any URL in a message is deemed
malicious, then all URLs in the message are rewritten.
malicious, then all URLs in the message are rewritten.
Note
In order to correctly populate the tables on the Outbreak Filters reporting page, the appliance must be
able to communicate with the Cisco update servers specified in Management Appliance > System
Administration > Update Settings.
able to communicate with the Cisco update servers specified in Management Appliance > System
Administration > Update Settings.
For more information, see the Outbreak Filters chapter in the online help or user guide for your Email
Security appliance.
Security appliance.
Reporting of Graymail
Graymail statistics are reflected in the following reports:
Report
Contains the Following Graymail Data
Overview page > Incoming Mail Summary
The number of incoming graymail messages under each graymail category
(Marketing, Social, and Bulk) and the total number of graymail messages.
(Marketing, Social, and Bulk) and the total number of graymail messages.
Incoming Mail page > Top Senders by Graymail
Messages
Messages
The top graymail senders.
Incoming Mail page > Incoming Mail Details
The number of incoming graymail messages under each graymail category
(Marketing, Social, and Bulk) and the total number of graymail messages
for all the IP addresses, domain names, or network owners.
(Marketing, Social, and Bulk) and the total number of graymail messages
for all the IP addresses, domain names, or network owners.
Incoming Mail page > Incoming Mail Details >
Sender Profile (drill down view)
Sender Profile (drill down view)
The number of incoming graymail messages under each graymail category
(Marketing, Social, and Bulk) and the total number of graymail messages
for a given IP address, domain name, or network owner.
(Marketing, Social, and Bulk) and the total number of graymail messages
for a given IP address, domain name, or network owner.
Internal Users page > Top Users by Graymail
The top end users who receive graymail.