Cisco Cisco Web Security Appliance S390 Betriebsanweisung
W E B R O O T S C A N N I N G
C H A P T E R 1 5 : A N T I - M A L W A R E S E R V I C E S
325
WE B R O O T S C A N N I N G
The Webroot scanning engine inspects objects to determine the malware scanning verdict to
send to the DVS engine. The Webroot scanning engine inspects the following objects:
send to the DVS engine. The Webroot scanning engine inspects the following objects:
• URL request. Webroot evaluates a URL request to determine if the URL is a malware
suspect. If Webroot suspects the response from this URL might contain malware, the
appliance monitors or blocks the request, depending on how the appliance is configured.
If Webroot evaluation clears the request, the appliance retrieves the URL and scans the
server response.
appliance monitors or blocks the request, depending on how the appliance is configured.
If Webroot evaluation clears the request, the appliance retrieves the URL and scans the
server response.
• Server response. When the appliance retrieves a URL, Webroot scans the server response
content and compares it to the Webroot signature database.
For more information about how the DVS engine uses malware scanning verdicts to handle
web traffic, see “IronPort DVS™ (Dynamic Vectoring and Streaming) Engine” on page 322.
web traffic, see “IronPort DVS™ (Dynamic Vectoring and Streaming) Engine” on page 322.
For information about Web Reputation Filtering and URL scores, see “Web Reputation Filters”
on page 309.
on page 309.