SOLUTION: ESA Centralizing Policy, Virus, and Outbreak Quarantine (PVO) Cannot be Enabled

Problem:

Applies to Cisco Email Security Appliance 9.1.0 (Ironport C Series) and Cisco Content Security Management 9.1.1 (Ironport M Series)

You installed new Ironport C series and now want to configure Central Policy, Virus, and Outbreak Quarantine (POV) so that C series can store POV quarantine centrally on M series Appliance.

When you try to Enable Centralize POV on C series you got the following error:

Unable to proceed with Centralized Policy, Virus and Outbreak Quarantines
configuration as host1 and host2 in Cluster have content filters / DLP actions
available at a level different from the cluster Level.

ESA Centralizing Policy, Virus, and Outbreak Quarantine (PVO) Cannot be Enabled

Symptoms:

-You checked that actually there is No content filter, no message filter on cluster or main group or machine level
-You checked the all scenarios in doc ESA Centralizing Policy, Virus, and Outbreak Quarantine (PVO) Cannot be Enabled (http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118026-technote-esa-00.html) but none of them are applied.

Resolution:

1-Delete all incoming mail policy under the group where the new host belongs. (typically Main Group in a cluster).Only default policy left on cluster level.
2-Then Enable Centralized Quarantines (for Policy, Virus and Outbreak Quarantines) on Security Services/Centeralized Services/Policy, Virus, and Outbreak Quarantine

Warning: Since you delete all incoming mail policy, you should apply this solution on non production Ironports. (probably newly installed C series or brand new ironport cluster that is not in production yet.

Once Centeralized POV Quarantine is enabled and you can continue to configure your policies.

More Info:

ESA Centralizing Policy, Virus, and Outbreak Quarantine (PVO) Cannot be Enabled
http://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118026-technote-esa-00.html

Advertisements
Gallery | This entry was posted in Cisco Email Security (Ironport) and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s