Cisco Cisco Web Security Appliance S360 Guía Para Resolver Problemas
Protocols and User Agents' column <for the required access policy>.
−−> Add allowed ports under 'HTTP CONNECT Ports:'
−−> Add allowed ports under 'HTTP CONNECT Ports:'
♦
For applications where you only know about destination IP addresses being accessed, you can use the
L4 Traffic Monitor feature to block access for the concerned IP address. We can add the destination
IPs under Web Security Manager > L4 Traffic Monitor > Additional Suspected Malware
Addresses.
L4 Traffic Monitor feature to block access for the concerned IP address. We can add the destination
IPs under Web Security Manager > L4 Traffic Monitor > Additional Suspected Malware
Addresses.
6.
If you are unaware of which 'User Agent' or 'Mime type' is being used by certain applications, then you can do
either of the following to find this information:
either of the following to find this information:
Run a packet capture with WireShark (Ethereal) on client's machine and filter for 'http' protocol.
•
Run the capture on WSA (under "Support and Help" > "Packet capture"), filtered on the client's IP
address.
address.
•
List of user agents:
====================
http://www.user−agents.org/
====================
http://www.user−agents.org/
List of MIME types:
====================
http://www.webmaster−toolkit.com/mime−types.shtml
====================
http://www.webmaster−toolkit.com/mime−types.shtml
http://www.microsoft.com/technet/isa/2004/plan/commonapplicationsignatures.mspx
Updated: Oct 14, 2014
Document ID: 118486