Cisco Cisco Email Security Appliance C680 用户指南

Accept the license agreement if presented.

File Analysis is enabled by default. If you do not uncheck Enable File Analysis, the File Analysis 
feature key will be activated after the next commit.

In the File Analysis section, select the file types to send to the cloud for analysis.

Cisco periodically checks for potentially malicious file types to prevent zero day threats. If new 
threats are identified, details of such file types are sent to your appliance through updater 
servers. Select the Other potentially malicious file types option to enable this functionality. If 
you enable this functionality, your appliance will send such file types for analysis in addition to 
the file types you have selected. 

Adjust the following Advanced Settings for File Reputation as needed:

Do not change any other settings in this section without guidance from Cisco support. 

If you will use the cloud service for file analysis: 

Select Advanced Settings for File Analysis. 

Choose the cloud server that is physically nearest to your Email Security appliances . 

Newly available servers will be added to this list periodically using standard update processes. 

If you will use an on-premises Cisco AMP Threat Grid appliance for file analysis: 

Configure Advanced Settings for File Analysis: 

SSL Communication for File Reputation

Check Use SSL (Port 443) to communicate on port 443 
instead of the default port, 32137.

This option also allows you to configure an upstream proxy 
for communication with the file reputation service.

SSL communication over port 32137 may require 
you to open that port in your firewall.

Reputation Threshold

Use value from Cloud Service

Enter custom value

The upper limit for acceptable file reputation scores. 
Scores above this threshold indicate the file is infected.

File Analysis 
Server URL 

Select Private cloud.