Cisco Web Security Appliance S690 User Guide

AsyncOS 8.7 for Cisco Web Security Appliances User Guide
 
Chapter 13: Configuring Security Services
Overview of Web Reputation Filters
Web Reputation in Access Policies
When you configure web reputation settings in Access Policies, you can either configure the settings manually or let AsyncOS for Web choose the best options using Adaptive Scanning. When Adaptive Scanning is enabled, you can enable or disable web reputation filtering in each Access Policy, but you cannot edit the Web Reputation Scores.

By default, URLs in an HTTP request that are assigned a Web Reputation Score of +7 are allowed and require no further scanning. However, an HTTP request with a weaker score, such as +3, is automatically forwarded to the Cisco IronPort DVS engine, where it is scanned for malware. Any URL in an HTTP request that has a poor reputation is blocked.

| Policy Type | Action |
|---|---|
| Access Policies | You can choose to block, scan, or allow |
| Decryption Policies | You can choose to drop, decrypt, or pass through |
| Cisco IronPort Data Security Policies | You can choose to block or monitor |

| Score | Action | Description | Example |
|---|---|---|---|
| -10 to -6.0 | Block | Bad site. The request is blocked, and no further malware scanning occurs. | URL downloads information without user permission. Sudden spike in URL volume. URL is a typo of a popular domain. |
| -5.9 to 5.9 | Scan | Undetermined site. Request is passed to the DVS engine for further malware scanning. The DVS engine scans the request and server response content. | Recently created URL that has a dynamic IP address and contains downloadable content. Network owner IP address that has a positive Web Reputation Score. |
| 6.0 to 10.0 | Allow | Good site. Request is allowed. No malware scanning required. | URL contains no downloadable content. Reputable, high-volume domain with long history. Domain present on several allow lists. No links to URLs with poor reputations. |
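
The default Access Policy bands from the score table, as an added example (not Cisco code): a Python sketch that classifies a score and lists which scores would be handled less strictly if the thresholds were edited manually. The function names, the `block_max` and `allow_min` parameters, the treatment of values between 5.9 and 6.0 as "scan", and the sample scores are assumptions made for illustration.

```python
# Default Access Policy bands from the score table above.
# A score at or below BLOCK_MAX is blocked; at or above ALLOW_MIN it is allowed;
# everything in between goes to the DVS engine for malware scanning.
DEFAULT_BLOCK_MAX = -6.0
DEFAULT_ALLOW_MIN = 6.0
STRICTNESS = {"block": 0, "scan": 1, "allow": 2}  # lower = stricter handling


def action(score, block_max=DEFAULT_BLOCK_MAX, allow_min=DEFAULT_ALLOW_MIN):
    """Return 'block', 'scan' or 'allow' for one Web Reputation Score."""
    if not -10.0 <= score <= 10.0:
        raise ValueError(f"score {score} is outside -10.0..10.0")
    if not -10.0 <= block_max < allow_min <= 10.0:
        raise ValueError("need -10.0 <= block_max < allow_min <= 10.0")
    if score <= block_max:
        return "block"
    if score >= allow_min:
        return "allow"
    return "scan"


def weakened(scores, block_max, allow_min):
    """Map each score that custom thresholds handle less strictly than the
    defaults to its (default_action, custom_action) pair."""
    changes = {}
    for s in scores:
        before, after = action(s), action(s, block_max, allow_min)
        if STRICTNESS[after] > STRICTNESS[before]:
            changes[s] = (before, after)
    return changes


if __name__ == "__main__":
    # Constructed sample scores, including the band edges from the table.
    sample = [-7.2, -6.0, -5.9, 3.0, 4.5, 5.9, 6.0, 7.0]
    for s in sample:
        print(f"{s:+5.1f} -> {action(s)}")
    # Hypothetical manual setting: block at or below -8.0, allow from 4.0 up.
    for s, (before, after) in weakened(sample, -8.0, 4.0).items():
        print(f"{s:+5.1f}: {before} -> {after}")
```

Scores that move from scan to allow no longer reach the DVS engine, so they are the ones to review before saving a manual threshold change.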