cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Meraki AMP - Behavior with Email Links

SOLVED
Conversationalist

Meraki AMP - Behavior with Email Links

Hello,

 

I would like to know how AMP responds to emails coming in with malicious links. I received an email with no attachments just a malicious link with a file. I did not click on it but I used some Reconnaissance methods to justify that is was malicious. Meraki AMP detected that it blocked the virus from my PC. I am wondering how it does that? Does it analyze the link ahead of time? 

Thank you,

Vlad

1 ACCEPTED SOLUTION

Accepted Solutions
Kind of a big deal

Re: Meraki AMP - Behavior with Email Links

No it doesn't look at links in email.

 

At the time you click on the link, and if it is an http request, then AMP will analyse the content being downloaded.

 

Often Content Filtering is a better way to deal with these.  I use Content Filtering to block these categories (purely for security reasons):

Bot Nets

Illegal

Malware Sites

Proxy Avoidance and Anonymizers

 

1 REPLY 1
Kind of a big deal

Re: Meraki AMP - Behavior with Email Links

No it doesn't look at links in email.

 

At the time you click on the link, and if it is an http request, then AMP will analyse the content being downloaded.

 

Often Content Filtering is a better way to deal with these.  I use Content Filtering to block these categories (purely for security reasons):

Bot Nets

Illegal

Malware Sites

Proxy Avoidance and Anonymizers

 

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.