About outbreak management


Article ID: 181299


Updated On:


Mail Security for Microsoft Exchange




An outbreak situation occurs when an excessive number of threats or events that exhibit virus-like behavior occur on a network. When an outbreak occurs, prompt identification of the situation and notification of administrative staff is critical.

Outbreak management lets you configure Mail Security to send alerts whenever a certain threshold of duplicate messages, which are sent within a period of time, is reached. In some instances, a large number of duplicate messages can indicate an active virus outbreak or a problem within your Exchange server. You can monitor different type of conditions and receive timely alerts as they occur. An outbreak condition does not necessarily indicate that there is a problem. Sometimes the duplicate messages threshold is met by normal email flow and that depends on your settings and the amount of email flow passing through the Exchange server.

When you configure outbreak settings, it is recommended that you consider the following:

  • Threat potential of the event category that is being monitored

  • Amount of email that is typically processed

  • Size of your mail system

  • Stringency with which you want to define an outbreak

As your outbreak triggers are tested, you can fine-tune the values that you use.

Mail Security lets you manage outbreaks with the following options: