Cisco Cisco Email Security Appliance C170 Guia Do Utilizador
2-26
Cisco IronPort AsyncOS 7.6 for Email Daily Management Guide
OL-25138-01
Chapter 2 Using Email Security Monitor
Email Security Monitor Pages
In the Matches by Internal User section, you can click the name of a user to view that internal user’s
(email address) Internal User details page (see
(email address) Internal User details page (see
Figure 2-25
Content Filters Page
The Outbreak Filters Page
The Outbreak Filters page shows the current status and configuration of Outbreak Filters on your Cisco
IronPort appliance as well as information about recent outbreaks and messages quarantined due to
Outbreak Filters. You can use this page to monitor your defense against targeted virus, scam, and
phishing attacks.
IronPort appliance as well as information about recent outbreaks and messages quarantined due to
Outbreak Filters. You can use this page to monitor your defense against targeted virus, scam, and
phishing attacks.
The Threats By Type section shows the different types of threat messages received by the appliance. The
Threat Summary section shows a breakdown of the messages by Virus, Phish, and Scam.
Threat Summary section shows a breakdown of the messages by Virus, Phish, and Scam.
The Past Year Outbreak Summary lists global as well as local outbreaks over the past year, allowing you
to compare local network trends to global trends. The listing of global outbreaks is a superset of all
outbreaks, both viral and non-viral, whereas local outbreaks are limited to virus outbreaks that have
affected your Cisco IronPort appliance. Local outbreak data does not include non-viral threats. Global
outbreak data represents all outbreaks detected by the Cisco IronPort Threat Operations Center which
exceeded the currently configured threshold for the outbreak quarantine. Local outbreak data represents
all virus outbreaks detected on this appliance which exceeded the currently configured threshold for the
outbreak quarantine. The Total Local Protection Time is always based on the difference between when
each virus outbreak was detected by the Cisco IronPort Threat Operations Center and the release of an
anti-virus signature by a major vendor. Note that not every global outbreak affects your Cisco IronPort
appliance. A value of “--” indicates either a protection time does not exist, or the signature times were
not available from the anti-virus vendors (some vendors may not report signature times). This does not
indicate a protection time of zero, rather it means that the information required to calculate the protection
time is not available.
to compare local network trends to global trends. The listing of global outbreaks is a superset of all
outbreaks, both viral and non-viral, whereas local outbreaks are limited to virus outbreaks that have
affected your Cisco IronPort appliance. Local outbreak data does not include non-viral threats. Global
outbreak data represents all outbreaks detected by the Cisco IronPort Threat Operations Center which
exceeded the currently configured threshold for the outbreak quarantine. Local outbreak data represents
all virus outbreaks detected on this appliance which exceeded the currently configured threshold for the
outbreak quarantine. The Total Local Protection Time is always based on the difference between when
each virus outbreak was detected by the Cisco IronPort Threat Operations Center and the release of an
anti-virus signature by a major vendor. Note that not every global outbreak affects your Cisco IronPort
appliance. A value of “--” indicates either a protection time does not exist, or the signature times were
not available from the anti-virus vendors (some vendors may not report signature times). This does not
indicate a protection time of zero, rather it means that the information required to calculate the protection
time is not available.