Руководство Пользователя для Cisco Cisco Email Security Appliance C160
15-13
Cisco AsyncOS 9.5 for Email User Guide
Chapter 15 Outbreak Filters
Managing Outbreak Filters
Step 3
Depending on your requirements, do the following:
•
Enable Outbreak Filters globally
•
Enable Adaptive Rules scanning
•
Set a maximum size for files to scan (note that you are entering the size in bytes)
•
Enable alerts for the Outbreak Filter
•
Enable Web Interaction Tracking. See
.
Step 4
Submit and commit your changes.
This functionality is also available via the
outbreakconfig
CLI command (see the Cisco AsyncOS CLI
Reference Guide). After you make your changes, submit and commit them.
Note
You cannot enable the logging of URLs using the web interface. For instructions to enable logging of
URLs using CLI, see
URLs using CLI, see
.
Enabling the Outbreak Filters Feature
To enable the Outbreak Filters feature globally, check the box next to Enable Outbreak Filters on the
Outbreak Filters Global Settings page, and click Submit. You must have agreed to the Outbreak Filters
license agreement first.
Outbreak Filters Global Settings page, and click Submit. You must have agreed to the Outbreak Filters
license agreement first.
Once enabled globally, the Outbreak Filters feature can then be enabled or disabled individually for each
incoming and outgoing mail policy, including the default policies. For more information, see
incoming and outgoing mail policy, including the default policies. For more information, see
The Outbreak Filters feature uses the Context Adaptive Scanning Engine (CASE) to detect viral threats,
regardless of whether anti-spam scanning is enabled, but you do need to have Anti-Spam or Intelligent
Multi-Scan enabled globally on the appliance in order to scan for non-viral threats.
regardless of whether anti-spam scanning is enabled, but you do need to have Anti-Spam or Intelligent
Multi-Scan enabled globally on the appliance in order to scan for non-viral threats.
Note
If you have not already agreed to the license during system setup (see
must click Enable on the Security Services > Outbreak Filters page, and then read and agree to the
license.
license.
Enabling Adaptive Rules
Adaptive Scanning enables the use of Adaptive Rules in Outbreak Filters. A set of factors or traits (file
size, etc.) are used to determine the likelihood of a message being part of an outbreak when no virus
signature or spam criteria relating to the message’s content is available. To enable Adaptive Scanning,
check the box next to Enable Adaptive Rules on the Outbreak Filters Global Settings page, and click
Submit.
size, etc.) are used to determine the likelihood of a message being part of an outbreak when no virus
signature or spam criteria relating to the message’s content is available. To enable Adaptive Scanning,
check the box next to Enable Adaptive Rules on the Outbreak Filters Global Settings page, and click
Submit.
Enabling Alerts for Outbreak Filters
Check the box labeled “Emailed Alerts” to enable alerting for the Outbreak Filters feature. Enabling
emailed alerts for Outbreak Filters merely enables the alerting engine to send alerts regarding Outbreak
Filters. Specifying which alerts are sent and to which email addresses is configured via the Alerts page
in the System Administration tab. For more information on configuring alerts for Outbreak Filters, see
emailed alerts for Outbreak Filters merely enables the alerting engine to send alerts regarding Outbreak
Filters. Specifying which alerts are sent and to which email addresses is configured via the Alerts page
in the System Administration tab. For more information on configuring alerts for Outbreak Filters, see