Cisco Cisco Web Security Appliance S160 Guía Del Usuario

Administrators and executive management require information to better 
understand evolving corporate threats. While the Web Security appliance controls 
the malware threat to a corporate environment, comprehensive monitoring and 
reporting tools provide insight to threats that are monitored or blocked, and 
display actionable data such as top clients infected to help you manage the 
presence of malware.

The chapter introduces you to the monitoring tools you can use to monitor system 
activity and help you interpret data specific to each Web Security appliance 
security component. The Monitor tab contains a collection of system data and 
graphical displays for the following types of information:

Security Services — Summary displays of transaction data derived from the 
results of filtering policies.

Suspect Transactions Detected — Summary charts that represent the 
percentages of traffic that was blocked by S-Series filtering and scanning 
features.

Top Sites by Malware — Categorical displays of monitored and blocked 
transactions to web sites containing malware.

High-Risk and Malware Activity — Summary displays of client malware 
activity and high-risk web sites.

You can also use appliance reports to monitor appliance activity. For more 
information about creating and using reports, see 

.

The Monitor tab provides several options for viewing system data. This section 
describes those options and explains the information displayed on each of the 
following pages: Overview, L4 Traffic Monitor, Client Web Activity, Client 
Malware Risk, Web Site Activity, Anti-Malware, URL Categories, and Web 
Reputation Filters.