I was working with Cisco ESA (previously – Ironport) lately and would like to write down some notes about how it works (at least the basics). I’ve already covered spam and antivirus testing techniques in a previous post. Here I’ll try to walk through the message filtering steps performed by a Cisco ESA appliance.
It might come in a greenfield antispam / antivirus deployment or during an audit that one needs to make sure that the protection (against spam or viruses) is enabled (N.B.: measuring protection efficiency is a completely different problem) and the configured policies are applied as expected. As with any program testing, for that task we need sample input… Read More »