Having Problems with Lots of Spam Passing through Cisco Cloud Email Security Since Last Week?

Published on
3,185 Points
1 Endorsement
Last Modified:

If you're having problems where a lot of messages that Cisco Cloud Email Security would normally filter out have been coming in, it appears to be the result of an upgrade gone wrong. In our case, it took a P1 ticket to get resolved.

We found evidence of an issue by looking at the incoming mail policies (accessible by going to Mail Polices > Incoming Mail Policies):

You will notice that the Anti-Spam, Anti-Virus, and Graymail columns are all showing "Not Available". That is because they are all disabled. These all need to be enabled to get things working normally again.

When we accessed the Cisco IronPort Anti-Spam settings, it showed that it was globally turned off. (This can be accessed by going to Security Services > IronPort Anti-Spam).

However, we were completely unable to turn anything on, regardless of access level (I'm a Cloud Administrator, but my coworker is an Administrator).

The cause of the problem: Cisco upgrading our appliance, and it turned out the feature keys somehow got blown out. In setting them back in, there is a requirement of accepting an End User License Agreement. Somewhere within this area is where Cisco failed to properly handle things.

Resolving this required creating a ticket with Cisco (initially a P3 ticket, which eventually got escalated to P1). If you're seeing yourself with this exact same issue, know you're not alone. Hopefully, Cisco fixes this for all of their CES customers in one swoop, but just watch out for this just in case. 

This problem started this past Friday morning for us but has just gotten resolved as I'm creating this post. While getting the ticket resolved, I highly recommend requesting that Cisco adds an email address from your organization to Atlas so that you're notified of when upgrades are planned to take place.


Featured Post

Hey MSSPs! What's your total cost of ownership?

WEBINAR: Managed security service providers often deploy & manage products from a variety of solution vendors. But is this really the best approach when it comes to saving time AND money? Join us on Aug. 15th to learn how you can improve your total cost of ownership today!

Join & Write a Comment

Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month