Email Security

Cisco Secure Email Upcoming Events

Getting Started with Cisco Secure Email Threat Defense Join us as our experts walk you through some of the fundamentals, key concepts, and outcomes of the Cisco Secure Email Threat Defense product. We will help you gain the insight needed to create a...

How to configure ESAv C100V for on demand outbound email encytpion only?

I want to setup a outbound configuration only on a ESAv C100V. But rather than have all outbound traffic flow through the C100V, can I just setup a policy that when triggered (via #secure# added to the subject line) routes the outbound email to be en...

Trying to get a Cisco ESA and Cisco WSA appliance up and running in EVE-NG.

Have run through the steps on the EVE support site. Sometimes the device gets an IP and the GUI comes up, but will not allow me to login.Sometimes the device does not get an IP at all. I'm running the lab from my PC which is an i7 with 16GB of RAM an...

False negatives for DLP filters - Spreasheets

Hello all,We are evaluating DLP on an ESA C170. Overall, it's going pretty well. One of the DLP policies I turned on is the out-of-the-box "Suspicious Transmission (Spreadsheets to Webmail) policy. While it does trigger, I realized that it is also...

Resolved! Message rejected by Host access table.

Message rejected by Host access table. Begin recipient logging... Message from sender @xxx rejected by host access table. But it happens intermittent and some emails get delivered to user without any issue. Any leads please advise Thanks you. Rega...

Resolved! Cisco ESA Suspected URL

Dear all. I configured url filtering and added -5 -3 (Custom Range) for Suspected url. But some emails (with legitimate urls inside it) get blocked by esa due to newly created suspected url content filter. Could you please tell me how can I see the e...

Resolved! Cisco SMA Configure Cipher Suite

Hi, I tried to update SMA cipher using cli (sslconfig) but not able to do it because SMA does not behave the same as ESA. I found from other discussion that for SMA, I need to change the configuration on the config file and then upload the config fil...

Resolved! I couldnt find document send by other domain

Dear all. yesterday a company send our user an email with docx file attached. Email content reached to users but file not. I didn't understand what caused that file to be disappeared. NOte. I looked at monitoring logs and found out that Attachment is...

DMARC - SPF permerror, DKIM ignored?

Seeing an odd issue with a particular mail provider... they currently have a broken SPF record (syntax error due to an errant space character). In the mail logs i'm seeing evidence of the SPF check being done, but then it goes straight on to perform...

DLP policy for state privacy regulations (Washington SB-6043 in my case)

I am trying to enable the DLP rule for Washington state privacy regulations. I tried using the preconfigured template, but I get a lot of false-positives. Does anyone have experience setting these up or customizing the template? This is new for me. W...

Subsecond timestamps for Cisco ESA Ironport textmail logs

The Ironport text logs on the Cisco Email Security Appliance have timestamps that go down to the second, but not the millisecond - like this: Tue Aug 20 16:57:21 2019 This can make things very confusing when you send the logs to a SIEM: each event ca...

Resolved! ESA/CES - Procedure to register clustered appliances to AMP for Endpoints - Clarification

After following this document, I do not understand how to accomplish step 5 without over writing the cluster config. https://www.cisco.com/c/en/us/support/docs/security/amp-endpoints/213585-esa-ces-procedure-to-register-clustere.html Step 5 - Switch ...

Resolved! AMP not sending unknown files for file analysis

I am trying to get AMP for ESA set up on our IronPort C170 appliance running ASyncOS 11.0.3. I believe I have my settings correct, however, files that have a verdict of unknown are not being uploaded for analysis. Perhaps I'm missing something? I hav...

Resolved! Pls help me to understand

For Version 12.5 on SSL Cert-Config is written:"TLSv1.0 and TLSv1.1 cannot be enabled simultaneously, but both can be enabled for use with TLSv1.2." What does it mean?TLSv1.2 + v1.1 + v1.0 enabled is NOT ok?butTLSv1.2 + v1.1 OR TLSv1.2 + v1.0 is ok? ...

What are the possible values of the "filetype" content-filter variable?

Hi, we want to attach a header to our mails with the attached mime-types. In the Content-Filter/Action Variables documentation section we found a list of possible variables. The "filetypes" variable sounded very promising: File Types$filetypesReplace...

Recommended SSL Cipher Configuration for Cisco SMA and ESA

Hi, I found recommended SSL Cipher from link "https://community.cisco.com/t5/email-security/scan-revealed-weak-ssl-cipher/td-p/2805757" but the discussion is from 2016. Can I know what is the latest SSL Cipher recommended by Cisco for CIsco SMA and E...

Email Security

Forum Posts

Cisco Secure Email Upcoming Events

How to configure ESAv C100V for on demand outbound email encytpion only?

Trying to get a Cisco ESA and Cisco WSA appliance up and running in EVE-NG.

False negatives for DLP filters - Spreasheets

Resolved! Message rejected by Host access table.

Resolved! Cisco ESA Suspected URL

Resolved! Cisco SMA Configure Cipher Suite

Resolved! I couldnt find document send by other domain

DMARC - SPF permerror, DKIM ignored?

DLP policy for state privacy regulations (Washington SB-6043 in my case)

Subsecond timestamps for Cisco ESA Ironport textmail logs

Resolved! ESA/CES - Procedure to register clustered appliances to AMP for Endpoints - Clarification

Resolved! AMP not sending unknown files for file analysis

Resolved! Pls help me to understand

What are the possible values of the "filetype" content-filter variable?

Recommended SSL Cipher Configuration for Cisco SMA and ESA

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

Knowledge Hub: Cisco Technology for Securing the Enterprise

Announcing Resources That Guide You to Success

Cisco CES - Duplicate values

Cisco Email and Web Message Remediation API

Problems with Email Gateway C600V

upgrade cisco attendant console from 11.0.2 to 14

Firmware update package Cisco IMC CVE-2024-20295 CVE-2024-20356

Grouping content filter condition criteria

Delayed Deliveries Overnight

Increase maximum number of recipients for one sender

DLP Report on ESA