Understanding the Email Reporting Pages
Note | This list
represents the reports available in the latest supported release of AsyncOS for
Email Security appliances. If your Email Security appliances are running
earlier releases of AsyncOS, not all of these reports are available.
|
|
Email Reporting Menu |
Action |
|---|---|
|
Email Reporting Overview Page |
The Overview page provides a synopsis of the activity on your Email Security appliances. It includes graphs and summary tables for the incoming and outgoing messages. For more information, see the Email Reporting Overview Page. |
|
Incoming Mail Page |
The Incoming Mail page provides interactive reporting on the real-time information for all remote hosts connecting to your managed Email Security appliances. You can gather information about the IP addresses, domains, and network owners (organizations) sending mail to your system. For more information, see the Incoming Mail Page. |
|
Sender Groups Report Page |
The Sender Groups report page provides a summary of connections by sender group and mail flow policy action, allowing you to review SMTP connection and mail flow policy trends. For more information, see the Sender Groups Report Page. |
|
Sender Domain Reputation Page |
You can use this report page to view incoming messages based on the verdict received and threat category from the SDR service For more information, see the Sender Domain Reputation Page. |
|
Outgoing Destinations Page |
The Outgoing Destinations page provides information about the domains that your organization sends mail to. The top of the page includes graphs depicting the top destinations by outgoing threat messages and top destinations by outgoing clean messages. The bottom of the page displays a chart with columns sorted by total recipients (default setting). For more information, see the Outgoing Destinations Page. |
|
Outgoing Senders Page |
The Outgoing Senders page provides information about the quantity and type of mail being sent from IP addresses and domains in your network. For more information, see the Outgoing Senders Page. |
|
Internal Users Page |
The Internal Users provides information about the mail sent and received by your internal users per email address. A single user can have multiple email addresses. The email addresses are not combined in the report. For more information, see the Internal Users Page. |
|
DLP Incidents |
The DLP Incident Summary page shows information on the incidents of data loss prevention (DLP) policy violations occurring in outgoing mail. For more information, see the DLP Incidents. |
|
Message Filters |
The Message Filters page shows information about the top message filter matches (which message filters had the largest number of matching messages) for incoming and outgoing messages. For more information, see the Message Filters |
|
Geo Distribution |
The Geo Distribution page shows the:
For more information, see the Geo Distribution. |
|
High Volume Mail |
The High Volume Mail page identifies attacks involving a large number of messages from a single sender, or with identical subjects, within a moving one-hour period. For more information, see the High Volume Mail. |
|
Content Filters Page |
The Content Filters page shows information about the top incoming and outgoing content filter matches (which content filter had the most matching messages). This page also displays the data as both bar charts and listings. Using the Content Filters page, you can review your corporate policies on a per-content-filter or per-user basis. For more information, see the Content Filters Page. |
|
DMARC Verification |
The DMARC Verification page shows the top sender domains that failed Domain-based Message Authentication, Reporting and Conformance (DMARC) verification, and a summary of the actions taken for incoming messages from each domain. For more information, see the DMARC Verification. |
|
Macro Detection |
The Macro Detection Report page shows the top incoming and outgoing macro-enabled attachments by file type detected by the content or message filters. For more information, see the Macro Detection |
|
External Threat Feeds Page |
The External Threat Feeds page shows the following reports:
For more information, see the External Threat Feeds Page. |
|
Virus Types Page |
The Virus Types page provides an overview of the viruses that are sent to and from your network. The Virus Types page displays the viruses that have been detected by the virus scanning engines running on the Email Security appliances and are displayed on the Security Management appliance. Use this report to take action against a particular virus. For more information, see the Virus Types Page. |
|
URL Filtering Page |
Use this page to view the URL categories most frequently occurring in messages, the most common URLs in spam messages, and the number of malicious and neutral URLs seen in messages. For more information, see the URL Filtering Page. |
|
Web Interaction Tracking Page |
Identifies the end users who clicked URLs rewritten by policy or Outbreak Filter, and the action associated with each user click. For more information, see the Web Interaction Tracking Page. |
|
Forged Email Detection Page |
The Forged Email Detection page includes the following reports:
|
|
Safe Print |
You can use the Safe Print report page to view:
For more information, see the Safe Print Page. |
|
Advanced Phishing Protection Page |
You can use the Advanced Phishing Protection report page to view:
For more information, see the Advanced Phishing Protection Page on Legacy Web Interface. |
|
Advanced Malware Protection (File Reputation and File Analysis) Reporting Pages |
There are three reporting pages showing file reputation and analysis data. For more information, see the Advanced Malware Protection (File Reputation and File Analysis) Reporting Pages. |
|
Mailbox Auto Remediation |
Use this page to view the details of the mailbox remediation results. |
|
TLS Connections Page |
The TLS Connections page shows the overall usage of TLS connections for sent and received mail. The report also shows details for each domain sending mail using TLS connections. For more information, see the TLS Connections Page. |
|
Inbound SMTP Authentication Page |
The Inbound SMTP authentication page shows the use of client certificates and the SMTP AUTH command to authenticate SMTP sessions between the Email Security appliance and users’ mail clients. For more information, see Inbound SMTP Authentication Page. |
|
Outbreak Filters Page |
The Outbreak Filters page shows information about recent outbreaks and the messages quarantined by Outbreak Filters. Use this page to monitor your defense against virus attacks. For more information, see the Outbreak Filters Page. |
|
Rate Limits Page |
The Rate Limits page shows the mail senders (based on MAIL-FROM address) who exceed the threshold you set for the number of message recipients per sender. For more information, see the Rate Limits Page. |
|
System Capacity Page |
Allows you to view the overall workload that is sending reporting data to the Security Management appliance. For more information, see the System Capacity Page. |
|
Reporting Data Availability Page |
Allows you to get a glimpse of the impact of the reporting data on the Security Management appliance for each appliance. For more information, see the Reporting Data Availability Page. |
|
Scheduling Email Reports |
Allows you to schedule reports for a specified time range. For more information, see the Scheduling Email Reports. |
|
Viewing and Managing Archived Email Reports |
Allows you to view and manage archived reports. For more information, see the Viewing and Managing Archived Email Reports. Also allows you to generate on-demand reports. See Generating Email Reports On Demand. |