Руководство Пользователя для Cisco Cisco Email Security Appliance C170

The Email Security Monitor feature on the Cisco IronPort appliance is a powerful, web-based console 
that provides complete visibility into all inbound email traffic for your enterprise.

The Email Security Monitor feature integrates tightly into the system, collecting data from every step in 
the email delivery process, including reputation filtering, anti-spam, anti-virus scanning, Outbreak 
Filters, policy enforcement (including content filters and data loss prevention), and message delivery. 
The database identifies and records each email sender by IP address, while interfacing with the 
SenderBase Reputation Service for real-time identity information. You can instantly report on any email 
sender’s local mail flow history and show a profile that includes the sender’s global record on the 
Internet. The Email Security Monitor feature allows your security team to “close the loop” on who is 
sending mail to your users, the amount of mail sent from and received by your users, and the 
effectiveness of your security policies.

This chapter explains how to:

Access the Email Security Monitor feature to monitor inbound and outbound message flow.

Make mail flow policy decisions (update whitelists, blacklists, and greylists) by querying for a 
sender’s SenderBase Reputation Score (SBRS). You can query on network owners, domains, and 
even individual IP addresses.

Report on mail flow, system status, and mail sent to and from your network.

This chapter contains the following sections:

For any given email sender for incoming mail, the Email Security Monitor database captures critical 
parameters such as: 

Message volume 

Connection history 

Accepted vs. rejected connections

Acceptance rates and throttle limits