September 2017
Beginner to intermediate
436 pages
12h 33m
English
Content preview from Implementing Cisco Networking Solutions
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Email services
Email is the most commonly used attack medium by attackers. This is because emails cannot be detected by commonly used next generation firewalls as malicious, as they appear on the network as TCP/IP traffic that is allowed as per the organization's security policy.
Devices such as Email Security Appliance (ESA) from Cisco are special purpose devices that are tuned to detect any malicious traffic within emails. These devices act like the SMTP relay agents for the mail servers of the organization, and all traffic coming in from the internet and going out to the internet from the mail servers passes through the ESA devices. The ESA device does a deep lookup inside the application headers, including the email contents and the attachments, ...