--> Outbreak filters are used in conjunction with Anti Virus and Anti Spam in ESA to detect spam and viruses.
--> Anti virus system uses signatures to identify viruses in e-mail.
--> Anti-Virus systems cant detect zero-day attacks as the antivirus signatures are not updated.
--> In order to detect zero-day attacks, ESA uses outbreak filters or virus outbreak filters.
--> By default Outbreak filters are only enabled for incoming email, not for outgoing emails.
--> When Virus outbreak filter detects any emails with spam or zero-day attacks, it sends the email to quarantine.
--> Virus outbreak filters use Cisco security intelligence to detect zero-day attacks.
Md.Kareem
CCIE #54759
--> Anti virus system uses signatures to identify viruses in e-mail.
--> Anti-Virus systems cant detect zero-day attacks as the antivirus signatures are not updated.
--> In order to detect zero-day attacks, ESA uses outbreak filters or virus outbreak filters.
--> By default Outbreak filters are only enabled for incoming email, not for outgoing emails.
--> When Virus outbreak filter detects any emails with spam or zero-day attacks, it sends the email to quarantine.
--> Virus outbreak filters use Cisco security intelligence to detect zero-day attacks.
Md.Kareem
CCIE #54759
0 comments:
Post a Comment