Guest

Preview Tool

Cisco Bug: CSCup50951 - Main domain report inaccurate as subdomains are included

Last Modified

Jan 27, 2017

Products (1)

  • Cisco Content Security Management Appliance

Known Affected Releases

8.1.1-013

Description (partial)

Symptom:
When generating a report for a particular main domain using the 'exact match' option, the report may contain statistics from subdomains as well, causing the report not to be accurate. The exact match option is not honored. 

Example how this may become visible in the outgoing TLS connections report:

- regarding outgoing mail to main domain example.com, ESA has setting to use "TLS Required" 
- regarding outgoing mail to domain subdomain.example.com ESA is not using TLS.

Expected Result within the Outgoing TLS report when using search option 'exact match: example.com':
Only the counters for "TLS Req. Success" or "TLS Req. Failed" are increased, other parameters like "Unencrypted Connections", "TLS Pref. Success" and "TLS Pref. Failed" have a value of 0.

Encountered Behavior regarding above example:
The counter for "Unencrypted Connections" may be increased if outgoing mail has been sent to subdomain.example.com.

Conditions:
Centralized Reporting is enabled on the ESA and SMA
outbound messages are sent to domains 'example.com' and 'subdomain.example.com', incoming messages are received from domains 'example.com' and 'subdomain.example.com'
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.