Cisco Cisco Web Security Appliance S690 User Guide

To restrict and control data that is leaving the network, you can perform the following tasks:

To help reduce the number of upload requests recorded in the log files, you can define a minimum request 
body size, below which upload requests are not scanned by the Cisco IronPort Data Security Filters or 
the external DLP server. 

To do this, use the following CLI commands:

 Applies to the Cisco IronPort Data Security Filters.

 Applies to the configured external DLP servers.

The default minimum request body size is 4 KB (4096 bytes) for both CLI commands. Valid values are 
1 to 64 KB. The size you specify applies to the entire size of the upload request body.

All chunk encoded uploads and all native FTP transactions are scanned by the Cisco IronPort Data 
Security Filters or external DLP servers when enabled. However, they can still be bypassed based on a 
custom URL category. 

When the Cisco IronPort Data Security Filters or an external DLP server blocks an upload request, it 
provides a block page that the Web Proxy sends to the end user. Not all websites display the block page 
to the end user. For example, some Web 2.0 websites display dynamic content using javascript instead 
of a static webpage and are not likely to display the block page. Users are still properly blocked from 
performing data security violations, but they may not always be informed of this by the website.

Go to Security Services > Data Security Filters to enable the Cisco IronPort Data Security Filters.

Create Cisco IronPort Data Security Policies

Managing Upload Requests, page 13-2

Create External DLP Policies

Managing Upload Requests on an External DLP 
System, page 13-3

Create Data Security and External DLP Policies

Control Upload Requests using Cisco IronPort 
Data Security Policies

Managing Settings for Upload Requests, page 13-7

Control Upload Requests Using External DLP 
Policies

Controlling Upload Requests Using External DLP 
Policies, page 13-11