cancel
Showing results for 
Search instead for 
Did you mean: 
xsymbianx
Level 7

MEG Categories

Can someone define these categories for me?

  • virus
  • potentially unwanted programs
  • compliance
  • image analysis
  • URL reputation
  • dlp
  • spam and phish
  • sender authentication and reputation
  • other detections
  • monitored
  • legitimate
0 Kudos
1 Reply
jfults
Level 7

Re: MEG Categories

Hello,

     Answers are below: 

Virus - These would be Virus Detections against McAfee Engine or Dats or Authentium Engine and Dats where action is taken.

Potentially unwanted programs - Any files attached to emails which are identified as a unwanted program which are blocked.

Compliance - MEG has default compliance rules for HIPPA, SOX, and other content which can identify items like SSN for example to be blocked.

Image analysis - Offensive Content sexual in nature that is scored by MEG which is logged as image analysis when blocked.

URL reputation - Blocked URLs in Emails that are based from McAfee's GTI Database.

DLP - This is for emails that trigger Data Loss Prevention which detects documents uploaded to the DLP Database and Polices on MEG.

Spam and Phish - Detections / Blocks against Spam Emails that score by default 10 or higher.  Phishing uses the same similar Anti-Spam engine and

rules to detect and block these.

   

Sender authentication and reputation - Emails blocked and added to the deny connection list by default for GTI / RBL.  Other exampls are SPF, Sender ID, DKIM, FCrDNS as an example under Email, Email Policies, Sender Authentication. 

Other detections - Can be email block for items such as DOS and Scan Time out setting configured.

   

Monitored - Emails which are modified are generally logged as Monitored.  An example is Anti-Spam Scanning as an example can set for a reporting threshold on email with a spam score of 5 or higher by default.

   

Legitimate - Emails which are not blocked and would be allowed through.  This can be viewed under Reports, Email Reports, Detail View when filtering on Legitimate emails.

Here is a screen shot as well from our appliance:

Capture.JPG

0 Kudos