Cisco Cisco Email Security Appliance C170 Guia Do Utilizador
36-2
User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
Chapter 36 SenderBase Network Participation
Frequently Asked Questions
Frequently Asked Questions
Cisco recognizes that privacy is important to you, so we design and operate our services with the
protection of your privacy in mind. If you enroll in SenderBase Network Participation, Cisco will collect
aggregated statistics about your organization’s email traffic; however, we do not collect or use any
personally identifiably information. Any information Cisco collects that would identify your users or
your organization will be treated as confidential.
protection of your privacy in mind. If you enroll in SenderBase Network Participation, Cisco will collect
aggregated statistics about your organization’s email traffic; however, we do not collect or use any
personally identifiably information. Any information Cisco collects that would identify your users or
your organization will be treated as confidential.
Why should I participate?
Participating in the SenderBase Network helps us help you. Sharing data with us is important to helping
stop email-based threats such as spam, viruses and directory harvest attacks from impacting your
organization. Examples of when your participation is especially important include:
stop email-based threats such as spam, viruses and directory harvest attacks from impacting your
organization. Examples of when your participation is especially important include:
•
Email attacks that are specifically targeted at your organization, in which case the data you
contribute provides the primary source of information to protect you.
contribute provides the primary source of information to protect you.
•
Your organization is one of the first to be hit by a new global email attack, in which case the data
you share with us will dramatically improve the speed with which we are able to react to a new
threat.
you share with us will dramatically improve the speed with which we are able to react to a new
threat.
What data do I share?
The data is summarized information on message attributes and information on how different types of
messages were handled by Cisco appliances. We do not collect the full body of the message. Again,
information provided to Cisco that would identify your users or your organization will be treated as
confidential. (See
messages were handled by Cisco appliances. We do not collect the full body of the message. Again,
information provided to Cisco that would identify your users or your organization will be treated as
confidential. (See
below).
explain a sample log entry in a “human-friendly” format.
Table 36-1
Statistics Shared Per Cisco Appliance
Item
Sample Data
MGA Identifier
MGA 10012
Timestamp
Data from 8 AM to 8:05 AM on July 1, 2005
Software Version Numbers
MGA Version 4.7.0
Rule Set Version Numbers
Anti-Spam Rule Set 102
Anti-virus Update Interval
Updates every 10 minutes
Quarantine Size
500 MB
Quarantine Message Count
50 messages currently in quarantine
Virus Score Threshold
Send messages to quarantine at threat level 3 or
higher
higher
Sum of Virus Scores for messages entering
quarantine
quarantine
120
Count of messages entering quarantine
30 (yields average score of 4)
Maximum quarantine time
12 hours
Count of Outbreak quarantine messages broken
down by why they entered and exited quarantine,
correlated with Anti-Virus result
down by why they entered and exited quarantine,
correlated with Anti-Virus result
50 entering quarantine due to .exe rule
30 leaving quarantine due to manual release, and all
30 were virus positive
30 were virus positive