Transcription
Know more about the ESA andfunctionalitiesArmando SanchezDecember 2021
What's coming up? 2021 Cisco and/or its affiliates. All rights reserved.2
Community Helping CommunityHelpful VotesAccepted SolutionsCisco donates 1 to the fundSave the Children for your everyaction!Subscribe to categoriesFill out your profilePost documents#HelpingTheCommunityCheck here 2021 Cisco and/or its affiliates. All rights reserved.3
Spotlight AwardsGet recognized by the Cisco CommunityNew Awardees every month!Stand out for your effort and commitmenthelping other members. Spotlight Awardshighlight outstanding members. Be the nextrecipient!Now you can also nominate a candidate!Click here 2021 Cisco and/or its affiliates. All rights reserved.4
Connect, Engage, Collaborate!When you ask aQuestion and receivea correct Answer,accept it as a solution!That helps other usersfind correct answers. 2021 Cisco and/or its affiliates. All rights reserved.We all are sensitive tobe highlighted.Helpful votes motivateenthusiastic membersby giving them atoken of recognition!5
Our ExpertDownload the Presentation!Armando SanchezPresenter 2021 Cisco and/or its affiliates. All rights reserved.6
Cisco Secure Email GatewaybyArmando SánchezMXCCENTERSDec 14th , 2021 2021 Cisco and/or its affiliates. All rights reserved.7
AgendaEmail AuthenticationSecurity EnginesAPI’sEmail RemediationMXCCENTERS 2021 Cisco and/or its affiliates. All rights reserved.8
Email AuthenticationSPF DKIM DMARC 2021 Cisco and/or its affiliates. All rights reserved.9
Sender Policy Framework (SPF) is an email authenticationprotocol that domain owners use to specify the emailservers they send email from, making it harder for fraudstersto spoof sender information.MXCCENTERSEmail AuthenticationSPF, DKIM, DMARC.DKIM (DomainKeys Identified Mail) is a protocol that allows anorganization to take responsibility for transmitting a message bysigning it in a way that mailbox providers can verify.DMARCDMARC (Domain-based Message Authentication, Reporting, andConformance), is a DNS TXT Record that can be publishedfor a domain to control what happens if a message dkim-dmarc.pdf 2021 Cisco and/or its affiliates. All rights reserved.10
MXCCENTERSEmail AuthenticationSPF, DKIM, DMARC. 2021 Cisco and/or its affiliates. All rights reserved. SPF and DMARC are DNS based configurations Under the ESA we just need to activate theverifications under the policies. For DKIM if we are signing with the ESA we need tocreate a profile in order to sign the domain.11
Security Engines 2021 Cisco and/or its affiliates. All rights reserved.12
We know the importance of Security under our emails.MXCCENTERSSecurity Engines 2021 Cisco and/or its affiliates. All rights reserved. Anti-SpamAnti-VirusAdvanced Malware Protection (AMP)GraymailURL ReputationOutbreak Filters13
API’s 2021 Cisco and/or its affiliates. All rights reserved.14
MXCCENTERSAPI’s 2021 Cisco and/or its affiliates. All rights reserved. The AsyncOS API for Cisco Secure Email Gateway (or AsyncOS API) is arepresentational state transfer (REST) based set of operations that providesecure and authenticated access to the email gateway reports, reportcounters, and tracking Requirements: Enable APIs User Account Testing App or script curity/esa/esa14-0/api/b ESA API Guide 140/b ESA API Guide chapter 01.html15
resource}/{resource attributes}where:MXCCENTERS{appliance}:{port} is the FQDN or the IP address of the email gatewayand the TCP port number on which the email gateway is listening.{resource} is the resource you are attempting to access, for example,reports, tracking, quarantine, configuration, or other counters.API’s{resource attributes} are the supported attributes for a resource, forexample, duration, and so on.Each request must contain user credentials, or a validauthorization header.Each request must be set to accept: application/json 2021 Cisco and/or its affiliates. All rights reserved.16
MXCCENTERSAPI’s 2021 Cisco and/or its affiliates. All rights reserved. Examples: GET /api/v2.0/login/privilegesGET /api/v2.0/health/GET /esa/api/v2.0/config/system time?GET /esa/api/v2.0/config/appliances? eguides-list.html17
Email Remediation 2021 Cisco and/or its affiliates. All rights reserved.18
What is Remediation? Email Remediation is a securelayer when an email when it is not desired orchanged their reputation within AMP engine, will bedeleted or forwarded from the user's mailbox. Exchange On Premise / Office365 or Hybrid (GraphAPI)MXCCENTERSEmail Remediation 2021 Cisco and/or its affiliates. All rights reserved.19
Mailbox Auto Remediation (MAR) vs Search andRemediate : The main difference is when it istriggeredMAR AMP retrospective verdict receivedSearch and Remediate manual trigger theremediation via Tracking. MXCCENTERSEmail Remediation 2021 Cisco and/or its affiliates. All rights reserved.20
Base Link: ation-guideMXCTroubleshooting:CENTERS Email Remediation 2021 Cisco and/or its affiliates. All rights reserved. Validate FW rules between ESA and Exchangeserver.Check traiblaizer config under ESA/SMA andaccess to port 4431.Check certificate configuration if you are using acustom certificate, verify it is added into the ESACustom List.21
Do you still have questions?Use the "Q&A" panel
Forum Ask Me AnythingFind our expert on the Discussion ForumAny new questions on the topic of this webinar will be answeredthereafter until this Friday: December 17, 2021Submit a new QuestionAre you a New Member? Ask all your questions before the end of the monthand maybe you will become the next Spotlight Awardee! 2021 Cisco and/or its affiliates. All rights reserved.24
Wherever you are, stay connected . 2021 Cisco and/or its affiliates. All rights reserved. Facebook CiscoSupportCommunity Twitter @cisco support YouTube CiscoSupportChannel LinkedIn Cisco Community Instagram CiscoSupportCommunity25
Do you have any Comments?Take our Survey!
The AsyncOS API for Cisco Secure Email Gateway (or AsyncOS API) is a representational state transfer (REST) based set of operations that provide secure and authenticated access to the email gateway reports, report counters, and tracking
