Meraki

Community

Meraki AMP - Behavior with Email Links

Solved
Vladimiry_JSC
Conversationalist
‎Dec 6 2017 12:39 PM
‎Dec 6 2017 12:39 PM

Meraki AMP - Behavior with Email Links

Hello,

 

I would like to know how AMP responds to emails coming in with malicious links. I received an email with no attachments just a malicious link with a file. I did not click on it but I used some Reconnaissance methods to justify that is was malicious. Meraki AMP detected that it blocked the virus from my PC. I am wondering how it does that? Does it analyze the link ahead of time? 

Thank you,

Vlad

0 Kudos
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Dec 6 2017 2:03 PM
‎Dec 6 2017 2:03 PM

No it doesn't look at links in email.

 

At the time you click on the link, and if it is an http request, then AMP will analyse the content being downloaded.

 

Often Content Filtering is a better way to deal with these.  I use Content Filtering to block these categories (purely for security reasons):

Bot Nets

Illegal

Malware Sites

Proxy Avoidance and Anonymizers

 

View solution in original post

1 Reply 1
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Dec 6 2017 2:03 PM
‎Dec 6 2017 2:03 PM

No it doesn't look at links in email.

 

At the time you click on the link, and if it is an http request, then AMP will analyse the content being downloaded.

 

Often Content Filtering is a better way to deal with these.  I use Content Filtering to block these categories (purely for security reasons):

Bot Nets

Illegal

Malware Sites

Proxy Avoidance and Anonymizers

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.