Cisco Cisco Web Security Appliance S160 User Guide
14-6
AsyncOS 9.0 for Cisco Web Security Appliances User Guide
Chapter 14 File Reputation Filtering and File Analysis
Configuring File Reputation and Analysis Features
Related Topics
•
Configuring TCP/IP Traffic Routes, page 2-19
Configuring an On-Premises File Analysis Server
If you will use a Cisco AMP Threat Grid Appliance as a private-cloud file analysis server:
•
Obtain the Cisco AMP Threat Grid Appliance Setup and Configuration Guide and the Cisco AMP
Threat Grid Appliance Administration Guide. Cisco AMP Threat Grid Appliance documentation is
available from
Threat Grid Appliance Administration Guide. Cisco AMP Threat Grid Appliance documentation is
available from
Use this documentation to perform the tasks described in this topic.
Additional documentation is available from the Help link in the AMP Threat Grid appliance.
In the Administration Guide, search for information about all of the following: integrations with
other Cisco appliances, CSA, Cisco Sandbox API, WSA, and Web Security Appliances.
other Cisco appliances, CSA, Cisco Sandbox API, WSA, and Web Security Appliances.
•
Set up and configure the Cisco AMP Threat Grid Appliance.
•
If necessary, update your Cisco AMP Threat Grid Appliance software to version 1.2.1, which
supports integration with Cisco Web Security appliances.
supports integration with Cisco Web Security appliances.
See the AMP Thread Grid documentation for instructions for determining the version number and
for performing the update.
for performing the update.
•
Ensure that your appliances can communicate with each other over your network. Cisco Web
Security appliances must be able to connect to the CLEAN interface of the AMP Threat Grid
appliance.
Security appliances must be able to connect to the CLEAN interface of the AMP Threat Grid
appliance.
•
If you will deploy a self-signed certificate: Generate a self-signed SSL certificate from the Cisco
AMP Threat Grid appliance to be used on your Web Security appliance. See instructions for
downloading SSL certificates and keys in the administrator’s guide for your AMP Threat Grid
appliance. Be sure to generate a certificate that has the hostname of your AMP Threat Grid appliance
as CN. The default certificate from the AMP Threat Grid appliance does NOT work.
AMP Threat Grid appliance to be used on your Web Security appliance. See instructions for
downloading SSL certificates and keys in the administrator’s guide for your AMP Threat Grid
appliance. Be sure to generate a certificate that has the hostname of your AMP Threat Grid appliance
as CN. The default certificate from the AMP Threat Grid appliance does NOT work.
•
Registration of your Web Security appliance with your Threat Grid appliance occurs automatically
when you submit the configuration for File Analysis, as described in
when you submit the configuration for File Analysis, as described in
. However, you must activate the registration as
described in the same procedure.
Enabling and Configuring File Reputation and Analysis Services
Before You Begin
•
Acquire feature keys for the file reputation service and the file analysis service.
•
Meet the
.
•
Ensure that a Data network interface is enabled on the appliance if you want to use a Data network
interface for File Reputation and Analysis services. See
interface for File Reputation and Analysis services. See
Enabling or Changing Network Interfaces,
page 2-15
.
•
Verify connectivity to the update servers configured in
Configuring Upgrade and Service Update
Settings, page 22-31
.