Cisco Email Security Appliance

Cisco Outbreak Filters

Stop Malware More Quickly

Cisco IronPort Outbreak Filters provide a critical first layer of defense against new outbreaks. With this proven preventive solution, protection begins hours before signatures used by traditional antivirus solutions are in place. Real-world results show an average 14-hour lead time over reactive antivirus solutions.

Cisco IronPort has an extremely high catch rate and near-zero misclassifications.

As part of the Cisco IronPort C-Series email security appliances, Cisco IronPort Outbreak Filters assess the threats of inbound and outbound messages. They also temporarily quarantine suspicious messages. Messages are then automatically released once signatures from traditional antivirus vendors are deployed.

Download Data Sheet (PDF - 262 KB)

Figure 1
Over 120,000 organizations participate in the SenderBase Network, helping to enable the world's largest email traffic monitoring system


Fast, Accurate Detection

SenderBase, the world's largest email and web traffic monitoring network, provides real-time protection. The Cisco IronPort SenderBase Network captures data from over 120,000 contributing organizations around the world. This provides a remarkable 30 percent coverage of the world's email traffic. High-performing capabilities accurately identify anomalies that are proven predictors of an outbreak.

The Cisco IronPort Threat Operation Center provides human oversight around the clock to help ensure speed and accuracy. Experienced analysts use sophisticated tools to verify anomalies and approve automatically generated Outbreak Rules. A customer-facing website also is continuously updated with data on current outbreaks.

Automatic Protection

The Cisco IronPort exclusive Context Adaptive Scoring Engine (CASE) automatically scans messages. Both "real-time" Outbreak Rules and "always on" Adaptive Rules are accurately identified to temporarily quarantine viral messages.

The Cisco IronPort unique Dynamic Quarantine immediately quarantines suspicious messages needing only limited information. Quarantined messages are continuously re-evaluated by Cisco IronPort Outbreak Filters. Messages are released if they do not match the latest and increasingly tightly defined rules.

Comprehensive Management

An integrated web-based user interface makes it easy to set up and configure a solution to meet corporate-specific requirements. Administrators easily configure policy parameters, select the enabled forms of protection, and more.

A full suite of alerts and reports, and a detailed support website, help ensure visibility into global and local outbreak activity.

Industry-leading efficiency plus automated quarantine and release mean less ongoing administration. Minimal misclassifications help reduce administrator intervention and customer support overhead. In addition, the Dynamic Quarantine helps enable automated release, based on updated signature.


Proven Results

Cisco IronPort Outbreak Filters are an industry-proven preventive solution for catching new outbreaks. Since 2005, Cisco IronPort Outbreak Filters prevented virus outbreaks from infecting top ISPs, Fortune 500, and Global 2000 companies, as well as major universities.

The solution has a track record of providing protection up to 42 hours ahead of traditional antivirus solutions, along with a high catch rate and minimal misclassifications.

Increased Cost Savings

Cisco IronPort Outbreak Filters protect companies of all sizes against significant network damage by detecting new outbreaks in real time. Hours before a traditional antivirus signature is in place, this solution dynamically responds to stop infected messages.

Easily Measurable

On average, Cisco IronPort Outbreak Filters at a typical Global 2000 company block more than 10,000 infected messages per outbreak. At this rate, the solution pays for itself in a single outbreak.

Easy Setup, Zero Ongoing Administration

Cisco IronPort Outbreak Filters is easy to set up and configure to meet corporate-specific requirements. It is fully automated and requires no ongoing management.

Administrators can be "hands-on" or let the automatic Dynamic Quarantine take care of blocking, scanning, and releasing messages. This saves valuable bandwidth and system resources. Administrators have complete visibility to outbreak activity

Additional Resources

Related Pages

Email Security