Cisco Cisco Web Security Appliance S160 User Guide

For more information on configuring Outbound Malware Scanning Policies to 
block requests based on outbound malware, see 

Upload requests that try to upload files with a size of zero (0) bytes are not 
evaluated against Outbound Malware Scanning Policies.

Each client request is assigned to an Identity and is then evaluated against the 
other policy types to determine to which policy group it belongs for each type. 
The Web Proxy evaluates upload requests against the Outbound Malware 
Scanning Policies. 

The Web Proxy applies the configured policy control settings to a client request 
based on the client request’s policy group membership.

To determine the policy group that a client request matches, the Web Proxy 
follows a specific process for matching the group membership criteria. During 
this process, it considers the following factors for group membership:

Identity. Each client request either matches an Identity, fails authentication 
and is granted guest access, or fails authentication and is terminated. For 
more information about evaluating Identity group membership, see 

.

Authorized users. If the assigned Identity requires authentication, the user 
must be in the list of authorized users in the Outbound Malware Scanning 
Policy group to match the policy group. The list of authorized users can be 
any of the specified groups or users or can be guest users if the Identity allows 
guest access.

Advanced options. You can configure several advanced options for 
Outbound Malware Scanning Policy group membership. Some options, such 
as proxy port and URL category, can also be defined within the Identity. 
When an advanced option is configured in the Identity, it is not configurable 
in the Outbound Malware Scanning Policy group level.