Cisco Cisco Web Security Appliance S380 User Guide

Submit and commit your changes.

When you install and set up the Web Security appliance, it has default settings for Web Reputation 
Scores. However, you can modify threshold settings for web reputation scoring to fit your organization’s 
needs.

You configure the web reputation filter settings for each policy group.

You can edit the web reputation score thresholds in Access Policies when Adaptive Scanning is disabled.

Navigate to the Web Security Manager > Access Policies page.

Click the link under the Web Reputation and Anti-Malware Filtering column for the Access Policy group 
you want to edit.

Under the Web Reputation and Anti-Malware Settings section, choose “Define Web Reputation and 
Anti-Malware Custom Settings” from the drop down menu if it is not selected already.

This allows you to configure web reputation and anti-malware settings for this Access Policy that differ 
from the global policy.

Enable Sophos or 
McAfee

Choose whether or not to enable the appliance to use either the Sophos or 
McAfee scanning engine when scanning traffic. When you enable Sophos or 
McAfee scanning, you can choose to monitor or block some additional 
categories in the Malware categories on this page.

Malware Categories

Choose whether to monitor or block the various malware categories based on a 
malware scanning verdict. 

The categories listed in this section depend on which scanning engines you 
enable above. For more information on each category, see 

Other Categories

Choose whether to monitor or block the types of objects and responses listed in 
this section.

URL transactions are categorized as unscannable when the configured 
maximum time setting is reached or when the system experiences a 
transient error condition. For example, transactions might be 
categorized as unscannable during scanning engine updates or AsyncOS 
upgrades. The malware scanning verdicts SV_TIMEOUT and 
SV_ERROR, are considered unscannable transactions.