Cisco Cisco Web Security Appliance S690 User Guide
19-11
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 19 Configuring Security Services
Configuring Web Reputation and Anti-Malware in Policies
•
Cisco IronPort Data Security Policies. For more information, see
Web Reputation and Anti-Malware Settings in Access Policies
When Adaptive Scanning is enabled, the web reputation and anti-malware settings you can configure for
Access Policies are slightly different than when Adaptive Scanning is turned off. For more information,
see
Access Policies are slightly different than when Adaptive Scanning is turned off. For more information,
see
Note
If your deployment includes a Security Management appliance, and you are configuring this feature in
a Configuration Master, options on this page depend on whether Adaptive Security is enabled for the
relevant configuration master. Check the setting on the Security Management appliance, on the Web >
Utilities > Security Services Display page.
a Configuration Master, options on this page depend on whether Adaptive Security is enabled for the
relevant configuration master. Check the setting on the Security Management appliance, on the Web >
Utilities > Security Services Display page.
Configuring Web Reputation and Anti-Malware Settings with Adaptive Scanning Enabled
Step 1
Navigate to the Web Security Manager > Access Policies page.
Step 2
Click the Web Reputation and Anti-Malware Filtering link for the Access Policy you want to configure.
Step 3
Under the “Web Reputation and Anti-Malware Settings” section, choose Define Web Reputation and
Anti-Malware Custom Settings if it is not chosen already.
Anti-Malware Custom Settings if it is not chosen already.
This allows you to configure web reputation and anti-malware settings for this Access Policy that differ
from the global policy.
from the global policy.
Step 4
In the Web Reputation Settings section, choose whether or not to enable Web Reputation Filtering.
Adaptive Scanning chooses the most appropriate web reputation score thresholds for each web request.
Adaptive Scanning chooses the most appropriate web reputation score thresholds for each web request.
Step 5
Scroll down to the Cisco IronPort DVS Anti-Malware Settings section.
Step 6
Configure the anti-malware settings for the policy as necessary.
describes the anti-malware
settings you can configure for Access Policies when Adaptive Scanning is enabled.
Table 19-6
Anti-Malware Settings for Access Policies—Adaptive Scanning Enabled
Setting
Description
Enable Suspect User
Agent Scanning
Agent Scanning
Choose whether or not to scan traffic based on the user agent field specified in
the HTTP request header.
the HTTP request header.
When you select this checkbox, you can choose to monitor or block suspect
user agents in the Additional Scanning section at the bottom of the page.
user agents in the Additional Scanning section at the bottom of the page.
Enable Anti-Malware
Scanning
Scanning
Choose whether or not to use the DVS engine to scan traffic for malware.
Adaptive Scanning chooses the most appropriate engine for each web request.
Adaptive Scanning chooses the most appropriate engine for each web request.