Cisco Cisco Web Security Appliance S170 Guía Del Usuario
9-10
AsyncOS 8.5 for Cisco Web Security Appliances User Guide
Chapter 9 Create Policies to Control Internet Requests
Policy Configuration
Policy Configuration
Option
Description
Protocols and Client
Applications
Applications
Used to control policy access to protocols and configure blocking for particular
client applications, such as instant messaging clients, web browsers, and
Internet phone services. You can also configure the appliance to tunnel HTTP
CONNECT requests on specific ports. With tunneling enabled, the appliance
passes HTTP traffic through specified ports without evaluating it.
client applications, such as instant messaging clients, web browsers, and
Internet phone services. You can also configure the appliance to tunnel HTTP
CONNECT requests on specific ports. With tunneling enabled, the appliance
passes HTTP traffic through specified ports without evaluating it.
URL Categories
AsyncOS for Web allows you to configure how the appliance handles a
transaction based on the URL category of a particular HTTP or HTTPS request.
Using a predefined category list, you can choose to monitor, block, warn or set
time-based content by category. You can also create custom URL categories and
choose to allow, monitor, block, warn, redirect or configure time-based traffic
for a website in the custom category.
transaction based on the URL category of a particular HTTP or HTTPS request.
Using a predefined category list, you can choose to monitor, block, warn or set
time-based content by category. You can also create custom URL categories and
choose to allow, monitor, block, warn, redirect or configure time-based traffic
for a website in the custom category.
Applications
The Application Visibility and Control engine (AVC engine) is an acceptable use
policy component that inspects web traffic to gain deeper understanding and
control of web traffic used for applications. The appliance allows the Web Proxy
to be configured to block or allow applications by application type or a particular
application. You can also apply controls to particular application behaviors
within a particular application, such as file transfers.
policy component that inspects web traffic to gain deeper understanding and
control of web traffic used for applications. The appliance allows the Web Proxy
to be configured to block or allow applications by application type or a particular
application. You can also apply controls to particular application behaviors
within a particular application, such as file transfers.
Object Blocking
Allows the Web Proxy to be configured to block file downloads based on file
characteristics, such as file size and file type. An object is, generally, any item
that can be individually selected, uploaded, downloaded and manipulated, such
as:
characteristics, such as file size and file type. An object is, generally, any item
that can be individually selected, uploaded, downloaded and manipulated, such
as:
•
Application: pdf, xml, zip, exe
•
Text: cmd, csv, html, javascript
•
Image: gif, jpeg, png, tiff
•
Video: mp4, Quicktime, avi, wmv
•
Audio: mp4, wav, webm, mpeg
•
Message: http, xml, rfc822, partial
•
x-world: wrl, wrz, xof, 3dmf
Note
Object blocking does not inspect inside compressed files.
Anti-Malware and
Reputation
Reputation
Web reputation filters allow for a web-based reputation score to be assigned to
a URL to determine the probability of it containing URL-based malware.
Anti-malware scanning identifies and stops web-based malware threats.
Advanced Malware Protection identifies malware in downloaded files.
a URL to determine the probability of it containing URL-based malware.
Anti-malware scanning identifies and stops web-based malware threats.
Advanced Malware Protection identifies malware in downloaded files.
The Anti-Malware and Reputation policy inherits global settings respective to
each component. Within Security Services > Anti-Malware and Reputation,
malware categories can be customized to monitor or block based on malware
scanning verdicts and web reputation score thresholds can be customized.
Malware categories can be further customized within a policy. There are also
global settings for file reputation and analysis services.
each component. Within Security Services > Anti-Malware and Reputation,
malware categories can be customized to monitor or block based on malware
scanning verdicts and web reputation score thresholds can be customized.
Malware categories can be further customized within a policy. There are also
global settings for file reputation and analysis services.
For more information, see
.