Cisco Cisco Email Security Appliance C170 사용자 가이드

The Outbreak Filters feature uses the Context Adaptive Scanning Engine (CASE) 
to detect viral threats, regardless of whether anti-spam scanning is enabled, but 
you do need to have IronPort Anti-Spam or Intelligent Multi-Scan enabled 
globally on the aplliance in order to scan for non-viral threats.

If you have not already agreed to the license during system setup (see 

), you must click Enable on the Security Services > Outbreak 

Filters page, and then read and agree to the license.

Adaptive Scanning enables the use of Adaptive Rules in Outbreak Filters. A set 
of factors or traits (file size, etc.) are used to determine the likelihood of a message 
being part of an outbreak when no virus signature or spam criteria relating to the 
message’s content is available. To enable Adaptive Scanning, check the box next 
to Enable Adaptive Rules on the Outbreak Filters Global Settings page, and click 
Submit.

Check the box labeled “Emailed Alerts” to enable alerting for the Outbreak Filters 
feature. Enabling emailed alerts for Outbreak Filters merely enables the alerting 
engine to send alerts regarding Outbreak Filters. Specifying which alerts are sent 
and to which email addresses is configured via the Alerts page in the System 
Administration tab. For more information on configuring alerts for Outbreak 
Filters, see 

.

Outbreak Rules are published by the Cisco IronPort Security Intelligence 
Operations and your Cisco IronPort appliance checks for and downloads new 
outbreak rules every 5 minutes. You can change this update interval. See 

 for more information.