Cisco Cisco Web Security Appliance S690 User Guide
22-21
AsyncOS 9.1.1 for Cisco Web Security Appliances User Guide
Chapter 22 Perform System Administration Tasks
FIPS Compliance
Updater Alerts
The following table contains a list of the various updater alerts that can be generated by AsyncOS,
including a description of the alert and the alert severity:
including a description of the alert and the alert severity:
Anti-Malware Alerts
For information about alerts related to Advanced Malware Protection, see
Ensuring That You Receive
Alerts About Advanced Malware Protection Issues, page 17-13
.
FIPS Compliance
Federal Information Processing Standards (FIPS) specify requirements for cryptographic modules that
are used by all government agencies to protect sensitive but unclassified information. FIPS help ensure
compliance with federal security and data privacy requirements. FIPS, developed by the National
Institute for Standards and Technology (NIST), are to use when no voluntary standards exist to meet
federal requirements.
are used by all government agencies to protect sensitive but unclassified information. FIPS help ensure
compliance with federal security and data privacy requirements. FIPS, developed by the National
Institute for Standards and Technology (NIST), are to use when no voluntary standards exist to meet
federal requirements.
The WSA achieves FIPS 140-2 Level 1 compliance in FIPS mode using Cisco Common Cryptographic
Module (C3M). By default, FIPS mode is disabled.
Module (C3M). By default, FIPS mode is disabled.
Tech support: Service tunnel has been disabled.
Information.
Not applicable.
•
The host at $ip has been added to the blacklist
because of an SSH DOS attack.
because of an SSH DOS attack.
•
The host at $ip has been permanently added to
the ssh whitelist.
the ssh whitelist.
•
The host at $ip has been removed from the
blacklist
blacklist
Warning.
$ip - IP address from which a login attempt
occurred.
occurred.
Description:
IP addresses that try to connect to the
appliance over SSH but do not provide valid
credentials are added to the SSH blacklist if
more than 10 failed attempts occur within two
minutes.
appliance over SSH but do not provide valid
credentials are added to the SSH blacklist if
more than 10 failed attempts occur within two
minutes.
When a user logs in successfully from the same
IP address, that IP address is added to the
whitelist.
IP address, that IP address is added to the
whitelist.
Addresses on the whitelist are allowed access
even if they are also on the blacklist.
even if they are also on the blacklist.
Entries are automatically removed from the
blacklist after about a day.
blacklist after about a day.
Message
Alert Severity
Parameters
Message
Alert Severity
Parameters
The $app application tried and failed $attempts
times to successfully complete an update. This may
be due to a network configuration issue or
temporary outage.
times to successfully complete an update. This may
be due to a network configuration issue or
temporary outage.
Warning.
$app: Web Security appliance security service
name.
name.
$attempts: Number of attempts tried.
The updater has been unable to communicate with
the update server for at least $threshold.
the update server for at least $threshold.
Warning.
$threshold: Threshold value time.
Unknown error occurred: $traceback.
Critical.
$traceback: Traceback information.