Getting Started with Cisco Secure Email Threat Defense Join us as our experts walk you through some of the fundamentals, key concepts, and outcomes of the Cisco Secure Email Threat Defense product. We will help you gain the insight needed to create a...
Forum Posts
Seeing an odd issue with a particular mail provider... they currently have a broken SPF record (syntax error due to an errant space character). In the mail logs i'm seeing evidence of the SPF check being done, but then it goes straight on to perform...
I am trying to enable the DLP rule for Washington state privacy regulations. I tried using the preconfigured template, but I get a lot of false-positives. Does anyone have experience setting these up or customizing the template? This is new for me. W...
The Ironport text logs on the Cisco Email Security Appliance have timestamps that go down to the second, but not the millisecond - like this: Tue Aug 20 16:57:21 2019 This can make things very confusing when you send the logs to a SIEM: each event ca...
After following this document, I do not understand how to accomplish step 5 without over writing the cluster config. https://www.cisco.com/c/en/us/support/docs/security/amp-endpoints/213585-esa-ces-procedure-to-register-clustere.html Step 5 - Switch ...
I am trying to get AMP for ESA set up on our IronPort C170 appliance running ASyncOS 11.0.3. I believe I have my settings correct, however, files that have a verdict of unknown are not being uploaded for analysis. Perhaps I'm missing something? I hav...
Resolved! Pls help me to understand
For Version 12.5 on SSL Cert-Config is written:"TLSv1.0 and TLSv1.1 cannot be enabled simultaneously, but both can be enabled for use with TLSv1.2." What does it mean?TLSv1.2 + v1.1 + v1.0 enabled is NOT ok?butTLSv1.2 + v1.1 OR TLSv1.2 + v1.0 is ok? ...
Hi, we want to attach a header to our mails with the attached mime-types. In the Content-Filter/Action Variables documentation section we found a list of possible variables. The "filetypes" variable sounded very promising: File Types$filetypesReplace...
Hi, I found recommended SSL Cipher from link "https://community.cisco.com/t5/email-security/scan-revealed-weak-ssl-cipher/td-p/2805757" but the discussion is from 2016. Can I know what is the latest SSL Cipher recommended by Cisco for CIsco SMA and E...
I was investigating an email slowdown this morning and when I brought up one of our Cloud CES ESA's in a browser it showed that the listener was suspended. I went to the CLI-Log and I can see this: Mon Aug 19 08:14:58 2019 Info: PID 84174: User cics...
Dear all. yesterday I configured External Threat Feed in cisco esa. In order test it I send malicious url from my personal email to corporate email. that email directly send to Outbreak quarantine and approximately 1 hour later that email released fr...
I have problem with my Cisco ESA C170 it's connection refused through HTTP and SSH, I try access via console cable, yes can but there are a few log show after that C170 is reject to Login again. Any Idea to solve this issue.Thank you for you advice. ...
Is there any way to use ESA to identify Auto Forward and BCC Emails?
Dear Team, In regards to email security appliance security audit. please share the document or checklist to identify the weakness / best practices to strengthen the CISCO c390 appliance. Regards,Durgesh GuptaM: 9911811169
Ive been attempting to register the CSSP v1.0 with cisco threat reponse. I follow the documentation and it sits and registering constantly. I generated the token like the doc says and followed all the directions. level=debug msg="[cssp-771fe1][manag...
Rendering of the incoming_content_filters through the web gui for ESA is taking over a minute. Other pages download quickly. Using web developer tools in the browser to provide information, for example HAT overview - 1.54s RAT overview - 2.08s ...
