Cisco Cisco Web Security Appliance S670 Betriebsanweisung

If file reputation or file analysis verdict information is unavailable because the connection with the 
service timed out, the file is considered clean and is released to the end user. 

 

If the file is sent for analysis: 

For files sent to the cloud for analysis: files are sent over HTTPS. 

Analysis normally takes minutes, but may take longer. 

A file that is flagged as malicious after file analysis may not be identified as malicious by the 
reputation service. File reputation is determined by a variety of factors over time, not necessarily by 
a single file-analysis verdict. 

Results for files analyzed using an on-premises Cisco AMP Threat Grid appliance are cached 
locally. 

For information about verdict updates, see 

.

The reputation service evaluates most file types. File type identification is determined by file content and 
is not dependent on the filename extension. 

Some files with unknown reputation can be analyzed for threat characteristics. When you configure the 
file analysis feature, you choose which file types are analyzed. New types can be added dynamically; 
you will receive an alert when the list of uploadable file types changes, and can select added file types 
to upload. 

Details about what files are supported by the reputation and analysis services are available only to 
registered Cisco customers. For information about which files are evaluated and analyzed, see File 
Criteria for Advanced Malware Protection Services for Cisco Content Security Products, available from 

. 

The criteria for evaluating a file’s reputation and for sending files for analysis may change at any time.