Please read and review the entire release notes:
The Cisco Advanced Phishing Protection engine on the Cisco Email Security Gateway checks the unique behavior of all legitimate senders, based on the historic email traffic sent to your organization. The cloud service interface of Cisco Advanced Phishing Protection provides risk analysis to distinguish good messages from potentially malicious messages.
The Cisco Advanced Phishing Protection cloud service relies on the email gateway as a sensor engine to receive a copy of the message metadata sent inbound into your organization. This sensor engine collects metadata such as message headers from the email gateway and relays them to the Cisco
Advanced Phishing Protection cloud service for analysis. After the analysis, potentially malicious messages are remediated from the recipient mailbox automatically based on the pre-configured policies on the Cisco Advanced Phishing Protection cloud service.
The ability to use the Cisco Email Security Gateway as a sensor engine helps an organization to:
- Identify, investigate, and remediate threats, observed on the message headers from the recipient mailbox.
- View the reporting data of the metadata of the message from multiple email gateways in your organization.
- Send real-time alerts to the end-users about malicious messages.
For more information, see “Integrating the Cisco Email Security Gateway with Cisco Advanced Phishing Protection” chapter in the user guide.
The Service Logs feature is used to collect personal data based on the Cisco Email Security Appliance Data Sheet guidelines.
The Service Logs are sent to the Cisco Talos Cloud service to improve Phishing detection.
For more information, see "Enabling Service Logs on Appliance", page 6 in the Release Notes.
The Cisco Email Security appliance now provides improved IP Reputation and URL Reputation services for faster and better Phishing catch rates.
For more information, see the User Guide for AsyncOS 13.5 for Cisco Email Security Appliances.
If you have configured an HTTP proxy server, the IP Reputation, and URL Reputation services, and Service Logs will directly connect to the Internet to get the IP and URL reputations. If you want to use a proxy for these services, then configure the HTTPS proxy server on your email gateway.
If you have configured an HTTPS proxy server, make sure that you do not configure the proxy server to decrypt the HTTPS traffic originating from your email gateway.
AsyncOS 13.5 Release Notes (https://cs.co/13_5_release_notes)
- (All) Secure Email Release Notes
- (All) Secure Email User Guides
- (All) Command Line Reference Guides
- Compatibility Matrix for Cisco Content Security Management Appliances
Updated 7 months ago