Cisco Cisco Web Security Appliance S670 User Guide

14-9

AsyncOS 9.0 for Cisco Web Security Appliances User Guide

Chapter 14 File Reputation Filtering and File Analysis

Configuring File Reputation and Analysis Features

•

An appliance can belong to only one group.

•

You can add a machine to a group at any time, but you can do it only once.

Step 3

Click Add Appliance to Group.

Which Appliances Are In the Analysis Group?

Step 1

Select Security Services > Anti-Malware and Reputation .

Step 2

In the Appliance Grouping for File Analysis Cloud Reporting section, click View Appliances in Group.

Step 3

To view the File Analysis Client ID of a particular appliance, look in the following location:

Configuring File Reputation and Analysis Service Action Per Access Policy

Procedure

Step 1

Select Web Security Manager > Access Policies.

Step 2

Click the link in the Anti-Malware and Reputation column for a policy in the table.

Step 3

In the Advanced Malware Protection Settings section, select Enable File Reputation Filtering and
File Analysis.

If File Analysis is not enabled globally, only File Reputation Filtering is offered.

Step 4

Select an action for Known Malicious and High-Risk Files: Monitor or Block.

The default is Monitor.

Step 5

Submit and commit your changes.

Ensuring That You Receive Alerts About Advanced Malware Protection Issues

Ensure that the appliance is configured to send you alerts related to Advanced Malware Protection.

Appliance

Location of File Analysis Client ID

Email Security
appliance

Advanced Settings for File Analysis section
on the Security Services > File Reputation and Analysis page.

Web Security
appliance

Advanced Settings for File Analysis section
on the Security Services > Anti-Malware and Reputation page.

Security Management
appliance

At the bottom of the Management Appliance > Centralized Services >
Security Appliances page.