Cisco Cisco Web Security Appliance S160 User Guide

Configure the anti-malware settings for the policy as necessary. 

 

describes the anti-malware settings you can configure for Access Policies. 

Enable Suspect 
User Agent 
Scanning

Choose whether or not to enable the appliance to scan traffic 
based on the user agent field specified in the HTTP request 
header.

When you check this setting, you can choose to monitor or 
block suspect user agents in the Additional Scanning 
section at the bottom of the page. 

Enable Webroot

Choose whether or not to enable the appliance to use the 
Webroot scanning engine when scanning traffic. When you 
enable Webroot scanning, you can choose to monitor or 
block some additional categories in the Malware categories 
on this page.

Enable Sophos or 
McAfee

Choose whether or not to enable the appliance to use either 
the Sophos or McAfee scanning engine when scanning 
traffic. When you enable Sophos or McAfee scanning, you 
can choose to monitor or block some additional categories 
in the Malware categories on this page.

Malware 
Categories

Choose whether to monitor or block the various malware 
categories based on a malware scanning verdict. 

The categories listed in this section depend on which 
scanning engines you enable above. 

Other Categories

Choose whether to monitor or block the types of objects and 
responses listed in this section.

Note: URL transactions are categorized as unscannable 
when the configured maximum time setting is reached or 
when the system experiences a transient error condition. For 
example, transactions might be categorized as unscannable 
during scanning engine updates or AsyncOS upgrades. The 
malware scanning verdicts SV_TIMEOUT and 
SV_ERROR, are considered unscannable transactions.

Submit and commit your changes.