I was working with Cisco ESA (previously – Ironport) lately and would like to write down some notes about how it works (at least the basics). I’ve already covered spam and antivirus testing techniques in a previous post. Here I’ll try to walk through the message filtering steps performed by a Cisco ESA appliance.
It might come in a greenfield antispam / antivirus deployment or during an audit that one needs to make sure that the protection (against spam or viruses) is enabled (N.B.: measuring protection efficiency is a completely different problem) and the configured policies are applied as expected. As with any program testing, for that task we need sample input… Read More »
There seems to be an ongoing battle between some people who want an antivirus in every virtual machine and some other people who do not see any benefit it wasting cycles (and memory) on it. Recently, I discovered for myself that there is a middle-ground solution: to run an antivirus centrally for every virtual machine present on the… Read More »