Securing Email with Cisco Email Security Appliance (SESA) v3.1

• Cisco Email Security Appliance Overview.
• Technology Use Case.
• Cisco Email Security Appliance Data Sheet.
• SMTP Overview.
• Email Pipeline Overview.
• Installation Scenarios.
• Initial Cisco Email Security Appliance Configuration.
• Centralizing Services on a Cisco Content Security Management Appliance.
• Releasing Notes for AsyncOS 11.x

• Public/Private Listeners.
• Configuring the Gateway to Receive Email.
• Host Access Table Overview.
• Recipient Access Table Overview.
• Configuring Routing/Delivery Features.

• SenderBase Overview.
• Anti-Spam.
• Managing Graymail.
• Protecting Against Malicious/Undesirable URLs.
• File Reputation Filtering/File Analysis.
• Bounce Verification.

• Anti-Virus Scanning Overview.
• Sophos/McAfee Anti-Virus Filtering.
• Configuring the Appliance to Scan for Viruses.
• Outbreak Filters.
• How the Outbreak Filters Feature Works.
• Managing Outbreak Filters.

Email Security Manager Overview.
Mail Policies Overview.
Handling Incoming/Outgoing Messages Differently.
Matching Users to a Mail Policy.
Message Splintering.
Configuring Mail Policies.

• Content Filters Overview.
• Content Filter Conditions/Actions.
• Filtering Messages Based on Content.
• Text Resources Overview.
• Using/Testing the Content Dictionaries Filter Rules.
• Understanding Text Resources.
• Text Resource Management.
• Using Text Resources.

• Message Filters Overview.
• Components of a Message Filter.
• Message Filter Processing/Rules/Actions.
• Attachment Scanning.
• Examples of Attachment Scanning Message Filters.
• Using the CLI to Manage Message Filters.
• Message Filter Examples.
• Configuring Scan Behavior.

• Overview of the Data Loss Prevention (DLP) Scanning Process.
• Setting Up Data Loss Prevention.
• Policies for Data Loss Prevention.
• Message Actions.
• Updating the DLP Engine/Content Matching Classifiers.

• Overview of LDAP.
• Working with LDAP.
• Using LDAP Queries.
• Authenticating End-Users of the Spam Quarantine.
• Configuring External LDAP Authentication for Users.
• Testing Servers/Queries.
• Using LDAP for Directory Harvest Attack Prevention.
• Spam Quarantine Alias Consolidation Queries.
• Validating Recipients Using an SMTP Server.

• Configuring AsyncOS for SMTP Authentication.
• Authenticating SMTP Sessions Using Client Certificates.
• Checking the Validity of a Client Certificate.
• Authenticating User Using LDAP Directory.
• Authenticating SMTP Connection Over Transport Layer Security (TLS).
• Using a Client Certificate.
• Establishing a TLS Connection from the Appliance.
• Updating a List of Revoked Certificates.
   

• Email Authentication Overview.
• Configuring DomainKeys/DomainKeys Identified Mail (DKIM) Signing.
• Verifying Incoming Messages Using DKIM.
• Overview of Sender Policy Framework (SPF)/SIDF Verification.
• Domain-based Message Authentication Reporting and Conformance.
• DMARC Verification.
• Forged Email Detection.

• Overview of Cisco Email Encryption.
• Encrypting Messages.
• Determining Which Messages to Encrypt.
• Inserting Encryption Headers into Messages.
• Encrypting Communication with Other Message Transfer Agents (MTAs).
• Working with Certificates.
• Managing Lists of Certificate Authorities.
• Enabling TLS on a Listener’s Host Access Table (HAT).
• Enabling TLS/Certificate Verification on Delivery.
• Secure/Multipurpose Internet Mail Extensions (S/MIME) Security Services.

• Describing Quarantines.
• Spamming Quarantine.
• Setting Up the Centralized Spam Quarantine.
• Using Safelists/Blocklists to Control Email Delivery Based on Sender.
• Configuring Spam Management Features for End Users.
• Managing Messages in the Spam Quarantine.
• Policy, Virus, and Outbreak Quarantines.
• Managing Policy, Virus, and Outbreak Quarantines.
• Working with Messages in Policy, Virus, or Outbreak Quarantines.
• Delivery Methods.

• Overview of Centralized Management Using Clusters.
• Cluster Organization.
• Creating/Joining a Cluster.
• Managing Clusters.
• Cluster Communication.
• Loading a Configuration in Clustered Appliances.
• Best Practices.

• Debugging Mail Flow Using Test Messages: Trace.
• Using the Listener to Test the Appliance.
• Troubleshooting the Network/Listener/Email Delivery/Performance.
• Web Interface Appearance and Rendering Issues.
• Responding to Alerts.
• Troubleshooting Hardware Issues.
• Working with Technical Support.

• Modeling Specifications for Large Enterprises.
• Modeling Specifications for Midsize Enterprises/Small-to-Midsize Enterprises or Branch Offices.
• Cisco Email Security Appliance Model Specifications for Virtual Appliances.
• Packages/Licenses.
   

• Verifying/Testing Cisco ESA Configuration.
• Performing Basic Administration.
• Advanced Malware in Attachments (Macro Detection).
• Protecting Against Malicious/Undesirable URLs Beneath Shortened URLs.
• Protecting Against Malicious/Undesirable URLs Inside Attachments.
• Intelligently Handling Unscannable Messages.
• Leveraging AMP Cloud Intelligence via Pre-Classification Enhancement.
• Integrating Cisco ESA with AMP Console.
• Preventing Threats with Anti-Virus Protection.
• Applying Content/Outbreak Filters.
• Configuring Attachment Scanning and Outbound Data Loss Prevention.
• Integrating Cisco ESA with LDAP and Enabling the LDAP Accept Query.
• Domain Keys Identified Mail (DKIM).
• Sender Policy Framework (SPF).
• Forged Email Detection.
• Configuring the Cisco SMA for Tracking/Reporting.