Cisco Cisco Content Security Management Appliance M160 ユーザーガイド
4-29
AsyncOS 9.5.x for Cisco Content Security Management Appliances User Guide
Chapter 4 Using Centralized Email Security Reporting
Understanding the Email Reporting Pages
(On-Premises File Analysis) Activate the File Analysis Account
If you have deployed an on-premises (private cloud) Cisco AMP Threat Grid Appliance, you must
activate the File Analysis account for your Cisco Content Security Management appliance in order to
view report details available on the Threat Grid appliance. You generally only need to do this once.
activate the File Analysis account for your Cisco Content Security Management appliance in order to
view report details available on the Threat Grid appliance. You generally only need to do this once.
Before You Begin
Ensure that you are receiving System alerts at Critical level.
Procedure
Step 1
The first time you attempt to access File Analysis report details from the Threat Grid appliance, wait a
few minutes and you will receive an alert that includes a link.
few minutes and you will receive an alert that includes a link.
If you do not receive this alert, go to Management Appliance > System Administration > Alerts and
click View Top Alerts.
click View Top Alerts.
Step 2
Click the link in the alert message.
Step 3
Activate your management appliance account.
Additional Requirements
For any additional requirements, see the Release Notes for your Security Management appliance release,
available from
available from
Identifying Files by SHA-256 Hash
Because filenames can easily be changed, the appliance generates an identifier for each file using a
Secure Hash Algorithm (SHA-256). If an appliance processes the same file with different names, all
instances are recognized as the same SHA-256. If multiple appliances process the same file, all instances
of the file have the same SHA-256 identifier.
Secure Hash Algorithm (SHA-256). If an appliance processes the same file with different names, all
instances are recognized as the same SHA-256. If multiple appliances process the same file, all instances
of the file have the same SHA-256 identifier.
In most reports, files are listed by their SHA-256 value (in an abbreviated format).