Cisco Cisco Web Security Appliance S170
14
Release Notes for Cisco AsyncOS 8.0.8 for Web
Documentation Updates
19
-
%Xp
The External DLP scan verdict based on the result given in the ICAP
response. The following list describes the possible values for this
field:
response. The following list describes the possible values for this
field:
•
0. Allow
•
1. Block
•
- (hyphen). No scanning was initiated by the external DLP server.
This value appears when External DLP scanning is disabled, or
when the content was not scanned due to an exempt URL category
on the External DLP Policies > Destinations page.
This value appears when External DLP scanning is disabled, or
when the content was not scanned due to an exempt URL category
on the External DLP Policies > Destinations page.
20
IW_infr
%XQ
The URL category verdict determined during request-side scanning,
abbreviated. This field lists a hyphen ( - ) when URL filtering is
disabled.
abbreviated. This field lists a hyphen ( - ) when URL filtering is
disabled.
For a list of URL category abbreviations, see
“URL Category
Descriptions” on page 9-23 of the AsyncOS 8.7 for Cisco Web
Security Appliances User Guide
Security Appliances User Guide
.
21
-
%XA
The URL category verdict determined by the Dynamic Content
Analysis engine during response-side scanning, abbreviated. Applies
to the Cisco Web Usage Controls URL filtering engine only. Only
applies when the Dynamic Content Analysis engine is enabled and
when no category is assigned at request time (a value of “nc” is listed
in the request-side scanning verdict).
Analysis engine during response-side scanning, abbreviated. Applies
to the Cisco Web Usage Controls URL filtering engine only. Only
applies when the Dynamic Content Analysis engine is enabled and
when no category is assigned at request time (a value of “nc” is listed
in the request-side scanning verdict).
For a list of URL category abbreviations, see
“URL Category
Descriptions” on page 9-23 of the AsyncOS 8.7 for Cisco Web
Security Appliances User Guide
Security Appliances User Guide
.
22
“Trojan Phisher”
“%XZ”
Unified response-side anti-malware scanning verdict that provides
the malware category independent of which scanning engines are
enabled. Applies to transactions blocked or monitored due to server
response scanning.
the malware category independent of which scanning engines are
enabled. Applies to transactions blocked or monitored due to server
response scanning.
23
“-”
“%Xk”
The threat type returned by the Web Reputation filters which resulted
in the target website receiving a poor reputation. Typically, this field
is populated for sites at reputation of -4 and below.
in the target website receiving a poor reputation. Typically, this field
is populated for sites at reputation of -4 and below.
24
“Unknown”
“%XO”
The application name as returned by the AVC engine, if applicable.
Only applies when the AVC engine is enabled.
Only applies when the AVC engine is enabled.
25
“Unknown”
“%Xu”
The application type as returned by the AVC engine, if applicable.
Only applies when the AVC engine is enabled.
Only applies when the AVC engine is enabled.
26
“-”
“%Xb”
The application behavior as returned by the AVC engine, if
applicable. Only applies when the AVC engine is enabled.
applicable. Only applies when the AVC engine is enabled.
27
“-”
“%XS”
Safe browsing scanning verdict. This value indicates whether either
the safe search or the site content ratings feature was applied to
the transaction.
the safe search or the site content ratings feature was applied to
the transaction.
For a list of the possible values, see
“Logging Adult Content Access”
on page 9-16 of the AsyncOS 8.7 for Cisco Web Security Appliances
User Guide
User Guide
.
28
489.73
%XB
The average bandwidth consumed serving the request, in Kb/sec.
Position Field Value
Format Specifier Description