Руководство Пользователя для Cisco Cisco Email Security Appliance C170
17-6
AsyncOS 9.0 for Cisco Web Security Appliances User Guide
Chapter 17 File Reputation Filtering and File Analysis
Configuring File Reputation and Analysis Features
Configuring an On-Premises File Analysis Server
If you will use a Cisco AMP Threat Grid Appliance as a private-cloud file analysis server:
•
Obtain the Cisco AMP Threat Grid Appliance Setup and Configuration Guide and the Cisco AMP
Threat Grid Appliance Administration Guide. Cisco AMP Threat Grid Appliance documentation is
available from
Threat Grid Appliance Administration Guide. Cisco AMP Threat Grid Appliance documentation is
available from
Use this documentation to perform the tasks described in this topic.
Additional documentation is available from the Help link in the AMP Threat Grid appliance.
In the Administration Guide, search for information about all of the following: integrations with
other Cisco appliances, CSA, Cisco Sandbox API, ESA, and Email Security Appliances, .
other Cisco appliances, CSA, Cisco Sandbox API, ESA, and Email Security Appliances, .
•
Set up and configure the Cisco AMP Threat Grid Appliance.
•
If necessary, update your Cisco AMP Threat Grid Appliance software to version 1.2.1, which
supports integration with Cisco Email Security appliances .
supports integration with Cisco Email Security appliances .
See the AMP Thread Grid documentation for instructions for determining the version number and
for performing the update.
for performing the update.
•
Ensure that your appliances can communicate with each other over your network. Cisco Email
Security appliances must be able to connect to the CLEAN interface of the AMP Threat Grid
appliance.
Security appliances must be able to connect to the CLEAN interface of the AMP Threat Grid
appliance.
•
If you will deploy a self-signed certificate: Generate a self-signed SSL certificate from the Cisco
AMP Threat Grid appliance to be used on your Email Security appliance. See instructions for
downloading SSL certificates and keys in the administrator’s guide for your AMP Threat Grid
appliance. Be sure to generate a certificate that has the hostname of your AMP Threat Grid appliance
as CN. The default certificate from the AMP Threat Grid appliance does NOT work.
AMP Threat Grid appliance to be used on your Email Security appliance. See instructions for
downloading SSL certificates and keys in the administrator’s guide for your AMP Threat Grid
appliance. Be sure to generate a certificate that has the hostname of your AMP Threat Grid appliance
as CN. The default certificate from the AMP Threat Grid appliance does NOT work.
•
Registration of your Email Security appliance with your Threat Grid appliance occurs automatically
when you submit the configuration for File Analysis, as described in
when you submit the configuration for File Analysis, as described in
. However, you must activate the registration as
described in the same procedure.
Enabling and Configuring File Reputation and Analysis Services
Before You Begin
•
Acquire feature keys for the file reputation service and the file analysis service.
•
Meet the
.
•
Verify connectivity to the update servers configured on the Updates page .
•
If you will use a Cisco AMP Threat Grid Appliance as a private cloud file analysis server, see
.
Step 1
Select Security Services > File Reputation and Analysis.
Step 2
Click Enable.
Step 3
Click Edit Global Settings.
Step 4
Select Enable File Reputation.