User Guide
Contents
ix
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Detection Methods 12-3
Virus Descriptions 12-4
Sophos Alerts 12-4
When a Virus is Found 12-4
McAfee Anti-Virus Filtering 12-5
Pattern-Matching Virus Signatures 12-5
Encrypted Polymorphic Virus Detection 12-5
Heuristics Analysis 12-5
When a Virus is Found 12-6
How to Configure the Appliance to Scan for Viruses 12-6
Enabling Virus Scanning and Configuring Global Settings 12-7
Configuring Virus Scanning Actions for Users 12-7
Configuring the Anti-Virus Policies for Different Groups of Senders and Recipients 12-13
Notes on Anti-Virus Configurations 12-14
Flow Diagram for Anti-Virus Actions 12-15
Sending an Email to the Appliance to Test Anti-Virus Scanning 12-16
Updating Virus Definitions 12-18
About Retrieving Anti-Virus Updates via HTTP 12-18
Configuring Update Server Settings 12-18
Monitoring and Manually Checking for Anti-Virus Updates 12-18
Verifying Anti-Virus Files Have Updated on the Appliance 12-20
CHAPTER
13 Anti-Spam 13-1
Overview of Anti-Spam Scanning 13-1
Anti-Spam Solutions 13-2
How to Configure the Appliance to Scan Messages for Spam 13-2
IronPort Anti-Spam Filtering 13-3
Evaluation Key 13-3
Cisco Anti-Spam: an Overview 13-4
Configuring IronPort Anti-Spam Scanning 13-5
Cisco Intelligent Multi-Scan Filtering 13-6
Configuring Cisco Intelligent Multi-Scan 13-7
Defining Anti-Spam Policies 13-7
Understanding Positive and Suspect Spam Thresholds 13-10
Configuration Examples: Actions for Positively Identified versus Suspected Spam 13-11
Unwanted Marketing Messages From Legitimate Sources 13-11
Using Custom Headers to Redirect URLs in Suspected Spam to the Cisco Web Security Proxy:
Configuration Example
13-11