Cisco Cisco Web Security Appliance S690 User Guide

Page of 494
10-12
AsyncOS 9.1.1 for Cisco Web Security Appliances User Guide
 
Chapter 10      Create Policies to Control Internet Requests
  Policy Configuration
The following diagram shows how the Web Proxy determines which action to take on a request after it 
has assigned a particular Access Policy to the request. The Web reputation score of the destination server 
is evaluated only once, but the result is applied at two different points in the decision flow.
Objects
Allows the Web Proxy to be configured to block file downloads based on file 
characteristics, such as file size and file type. An object is, generally, any item that 
can be individually selected, uploaded, downloaded and manipulated, such as:
Application: pdf, xml, zip, exe
Text: cmd, csv, html, javascript
Image: gif, jpeg, png, tiff
Video: mp4, Quicktime, avi, wmv
Audio: mp4, wav, webm, mpeg
Message: http, xml, rfc822, partial
x-world: wrl, wrz, xof, 3dmf
Note
Object blocking does not inspect inside compressed files. 
Anti-Malware 
and Reputation
Web reputation filters allow for a web-based reputation score to be assigned to a 
URL to determine the probability of it containing URL-based malware. 
Anti-malware scanning identifies and stops web-based malware threats. 
Advanced Malware Protection identifies malware in downloaded files. 
The Anti-Malware and Reputation policy inherits global settings respective to 
each component. Within Security Services > Anti-Malware and Reputation
malware categories can be customized to monitor or block based on malware 
scanning verdicts and web reputation score thresholds can be customized. 
Malware categories can be further customized within a policy. There are also 
global settings for file reputation and analysis services. 
For more information, see 
 and 
Configuring File Reputation and Analysis Features, 
page 17-4
Option
Description