07-01-2016 01:42 AM
Hi Experts,
Need some help on the following questions:
a) Can the Cisco AMP Threat Grid solution be installed on a virtual machine and hosted on the customer premises?
b) Can Cisco ESA integrate with a third-party sandboxing solution besides AMP Threat Grid?
c) How does the Cisco AMP cloud handle the file disposition or SHA-256 sent from the customer premises? Will it be kept in the AMP cloud for some time? And will Cisco have full visibility of the file sent from the customer premises?
d) Does Cisco ESA store all inbound and outbound messages, including clean messages, spam messages, quarantined messages, suspicious messages, etc.? And for how long will it store both of them?
e) For the encryption feature on Cisco ESA: what if the customer's digital certificate has already expired, will it affect the mail flow for the customer? For example, the sender is unable to send out email and the recipient is unable to receive and open email because the digital certificate has already expired.
f) For Cisco ESA with AMP: will the customer receive a non-disclosure agreement (NDA) from Cisco saying Cisco will not view or distribute customer information or data after they have purchased the AMP feature?
Thanks & Regards,
Steven
07-04-2016 04:12 PM
Hello,
a) Can the Cisco AMP Threat Grid solution be installed on a virtual machine and hosted on the customer premises?
Are you possibly talking about the On-Premise AMP ThreatGRID appliance? If so, I think they only come as a racked appliance.
b) Can Cisco ESA integrate with a third-party sandboxing solution besides AMP Threat Grid?
From my knowledge, we support sandboxing with AMP ThreatGRID on the cloud, or else the on-premise ThreatGRID appliance only.
c) How does the Cisco AMP cloud handle the file disposition or SHA-256 sent from the customer premises? Will it be kept in the AMP cloud for some time? And will Cisco have full visibility of the file sent from the customer premises?
The file will be uploaded to the ThreatGRID servers for sandboxing; the full attachment in question for analysis will be known and seen on the ThreatGRID servers. Further reading on AMP ThreatGRID cloud here.
d) Does Cisco ESA store all inbound and outbound messages, including clean messages, spam messages, quarantined messages, suspicious messages, etc.? And for how long will it store both of them?
All the quarantines you configure on the ESA for inbound and outbound use (Spam and Policy quarantines) have a retention time that is customizable by you, so there is no fixed answer. The Virus Outbreak Filters quarantine, however, will have a variable retention time based on which outbreak filter rules were matched, but you can configure a maximum retention time.
e) For the encryption feature on Cisco ESA: what if the customer's digital certificate has already expired, will it affect the mail flow for the customer? For example, the sender is unable to send out email and the recipient is unable to receive and open email because the digital certificate has already expired.
If you're looking at the CRES Encryption, which requires the purchase of a feature key, you will need to ensure a valid certificate (CA signed) is available on the ESA, otherwise it will not be able to encrypt; this is a requirement of the feature.
f) For Cisco ESA with AMP: will the customer receive a non-disclosure agreement (NDA) from Cisco saying Cisco will not view or distribute customer information or data after they have purchased the AMP feature?
Unfortunately I cannot answer this query; you may need to speak to your Cisco Sales Engineer to discuss this.
Regards,
Matthew