Cisco Cisco Web Security Appliance S160 Guía Del Usuario
13-5
AsyncOS 8.1 for Cisco Web Security User Guide
Chapter 13 File Reputation Filtering and File Analysis
Configuring File Reputation and Analysis Features
Related Topics
•
Enabling and Configuring File Reputation and Analysis Services
Before You Begin
•
Acquire feature keys for the file reputation service and the file analysis service.
•
Meet the
.
•
In order to display the full list of file types that can be analyzed, the appliance must be able to
connect to the update servers configured in
connect to the update servers configured in
Procedure
Step 1
Select Security Services > Anti-Malware and Reputation .
Step 2
Click Edit Global Settings.
Step 3
In the Advanced Malware Protection Services section, select Enable File Reputation Filtering.
Step 4
Accept the license agreement if presented.
Step 5
In the Advanced Malware Protection Services section, select Enable File Analysis.
Step 6
In the File Analysis section, select the file types to send to the cloud for analysis.
Step 7
Adjust the following Advanced settings as desired:
For Connection To
Destination Network
Gateway
The file reputation service IP addresses of the Cloud Server Pool, as
configured in Security Services >
Anti-Malware and Reputation, Advanced
section.
Anti-Malware and Reputation, Advanced
section.
IP address of the gateway for
the data port
the data port
The file analysis service
IP address of the File Analysis Server, as
configured in Security Services >
Anti-Malware and Reputation, Advanced
section.
configured in Security Services >
Anti-Malware and Reputation, Advanced
section.
IP address of the gateway for
the data port
the data port
Option
Description
SSL Communication for File Reputation
Check Use SSL (Port 443) to communicate on port 443
instead of the default port, 32137.
instead of the default port, 32137.
This option also allows you to configure an upstream proxy
for communication with the file reputation service.
for communication with the file reputation service.
Note
SSL communication over port 32137 may require
you to open that port in your firewall.
you to open that port in your firewall.
Reputation Threshold
•
Use value from Cloud Service
•
Enter custom value
The upper limit for acceptable file reputation scores.
Scores above this threshold indicate the file is infected.
Scores above this threshold indicate the file is infected.