The dashboard is the main page of Libra Esva and gives an overview of the status of the appliance. All the data shown here are automatically refreshed every 120 seconds (by default).
The status monitor contain summary of the most useful information in the system, to quickly spot anomalies.
Memory Swap Usage Swapped memory is normal in a mail gateway, especially when there are multiple antivirus. As the swap usage increase however, the performance drop exponentially, so it is always required to keep this value below 50-60% on average.
Mailer Status LibraEsva is composed of multiple engine working in synergy to create security. The most important engines are listed here, as well as their statuses (enabled, partially enabled, disabled).
- Message scanning: the main engine of Libra Esva, is only disabled when the license is expired
- MailScanner engines: status of MailScanner and number of parallel process currently running
- Antivirus engines: ClamAV is the default antivirus and is always active. Avira and Bitdefender engines are available as an option
- URLSand: LibraEsva proprietary sandboxing for link threat identification and real-time disarm
- Quicksand: LibraEsva proprietary sandboxing to sanitize attachment on the gateway
- License usage: current license usage
- Load average: the load avarage is combination of many appliance factors, such us cpu usage, locked process, io waiting process and the like. This value should usally be equals or lower than the number of CPUs
Last Week Summary: SPAM Rates This is an overview of all the email which reached LibraEsva, distinguished by SMTP reject, Spam, Bounce and Virus. Usually, there are a lot of SMTP reject since is the first defence in Libra Esva from botnet and bad spam. The quantity of Spam, Bounces, and Virus greatly depends on the traffic, but as a general rule a great variation from normal traffic could be related to some high threat being detected.
Last Week Summary: Threat sources Similar to the last week summary, but geographically distributed. Allows you to see from where all the threat are generated.
Version info When you don’t have a cluster setup, you will see here only the current version of Libra Esva.
Cluster status When a cluster is setup, this box shows the nodes surrent load and the replica status. If there is any issue with the cluster replica a warning or an error is immediately displayed.
This panel shows the overall of the messages processed today (i.e. starting with 00:01am in local time). All data are real-time values coming from the application. The graph shown here is a complement to the “Last week summary”.
Today’s total A detailed count of all messages received or rejected. By clicking on the magnifying-glass beside the SMTP rejected, you can see the full list of all sender rejected today.
Mail Queues These represent the emails which are currently actively processed by Libra Esva. The incoming queue contains all the messages received (i.e. passed SMTP checks) which are waiting to be scanned and sanitized. The outgoing queue contains all the sanitized messages which are ready to be delivered. As for the SMTP reject, by clicking magnifying-glass is it possible to see the queue status; from that page the administrator may manually drop or flush the messages.
Last accepted messages
This list contains the last messages processed by Libra Esva in the last 24 hours updated in real-time. Every message shown here has successfully completed all the analysis, and is now either blocked in the quaranting or moved to the ouotgoing queue for delivery.
Administrator will find this list useful to monitor the mail flow through Libra Esva. In case of service abuse, this list gives an immediate feedback which greatly help in reducing threat response time.