Advanced Threat Protection

  • 1.  Question Regarding Cas 3.2.1.6

    Posted Oct 10, 2022 03:32 AM
    Dear Community

    Please look at the questions below and help me by answering them. We are using CAS 3.2.1.6, which is integrated with Symantec Messaging Gateway 10.7.5-4. All incoming message attachments are going to CAS for malware analysis or sandboxing. We have observed that when SMG receives a file named abc.xls, in Content Analysis we have to search for this file using either the hash or the file name in the Search tab. But, most interestingly, we weren't able to find the file label name in the Search tab of CAS. However, we can find the file name in the All Task tab of CAS, and it's a very hard job to do. Also, the file label name abc.xls has been modified in CAS to something like abc%20.xls.
    On the other hand, in the Utilities tab of CAS we have monitored the recent threats modules like Predictive analysis, file reputation, Antivirus, etc., and those modules are blocking the threats; however, the recent threats are not showing in the Malware Analysis Overview tab of CAS.
    Can anyone help me with that?

    Symantec Messaging Gateway is currently communicating with Content Analysis using API Key.

    Regards
    Gazi


  • 2.  RE: Question Regarding Cas 3.2.1.6

    Posted 10 days ago

    It seems you're facing some challenges with Symantec Messaging Gateway (SMG) integrated with CAS 3.2.1.6. Let's break down the issues you've mentioned:

    File Label Name Missing in Search Tab of CAS:
    You've noticed that when SMG receives a file named "abc.xls," you can't find the file label name in the Search Tab of CAS.
    However, you can find the file name in the All Task tab of CAS.
    Additionally, the file label name "abc.xls" has been modified in CAS to "abc%20.xls."
    To address this issue, let's explore some potential solutions:
    Check Content Filtering Policies: Ensure that your content filtering policies in CAS are correctly configured. Sometimes, specific policies may affect how file labels are displayed or searched.
    Review File Scanning Settings: Verify that CAS is scanning attachments correctly. If the file label information is not being captured during scanning, it might be related to the scanning process.
    Investigate API Communication: Since SMG communicates with CAS using an API key, check if there are any issues with the API communication. Ensure that the API key is valid and that there are no connectivity problems.
    Contact Symantec Support: If the issue persists, consider reaching out to Symantec support for further assistance.

    Recent Threats Not Showing in Malware Analysis Overview Tab:
    You've mentioned that the recent threats detected by modules like Predictive analysis, file reputation, and Antivirus are not appearing in the Malware Analysis Overview tab of CAS.

    Here are some steps to troubleshoot this:
    Check Module Configuration: Verify that the modules (Predictive analysis, file reputation, Antivirus) are correctly configured and enabled in CAS.
    Review Logging and Reporting: Ensure that logging and reporting settings are appropriately configured. Sometimes, missing threat information could be related to reporting settings.
    Monitor Event Logs: Check the event logs or logs related to threat detection. Look for any errors or warnings that might provide insights into why recent threats are not showing up.
    Symantec Support Assistance: If the issue persists, consider contacting Symantec support for further investigation.

    Remember that troubleshooting complex integrations like this often involves checking various settings, logs, and configurations.