Cisco Cisco Web Security Appliance S160 Guía Del Usuario
14-3
Cisco AsyncOS for Web User Guide
Chapter 14 Managing Access to Web Applications
Enabling the AVC Engine
AVC Engine Updates
AsyncOS periodically queries the update servers for new updates to all security service components,
including the AVC engine. AVC engine updates can include support for new application types and
applications as well as updated support for existing applications if any application behavior changes. By
updating the AVC engine in between AsyncOS versions, the Web Security appliance remains flexible
without requiring a server upgrade.
including the AVC engine. AVC engine updates can include support for new application types and
applications as well as updated support for existing applications if any application behavior changes. By
updating the AVC engine in between AsyncOS versions, the Web Security appliance remains flexible
without requiring a server upgrade.
AsyncOS for Web assigns the following default actions for the Global Access Policy:
•
New application types default to Monitor.
•
New application behaviors, such as block file transfer within a particular application, default to
Monitor.
Monitor.
•
New applications for an existing application type default to the application type default.
Note
You can view the AVC engine scanning activity in the Application Visibility report on the Reporting >
Application Visibility page.
Application Visibility page.
Note
In the Global Access Policy, you can set the default action for each application type. You might want to
set the default action for each application type so new applications introduced in an Application
Visibility and Control engine update automatically inherit the default action.
set the default action for each application type so new applications introduced in an Application
Visibility and Control engine update automatically inherit the default action.
User Experience with Blocked Requests
When the AVC engine blocks a transaction, the Web Proxy sends a block page to the end user. However,
not all websites display the block page to the end user. Some Web 2.0 websites display dynamic content
using javascript instead of a static webpage and are not likely to display the block page. Users are still
properly blocked from downloading malicious data, but they may not always be informed of this by the
website.
not all websites display the block page to the end user. Some Web 2.0 websites display dynamic content
using javascript instead of a static webpage and are not likely to display the block page. Users are still
properly blocked from downloading malicious data, but they may not always be informed of this by the
website.
Enabling the AVC Engine
Enable the AVC engine when you enable Cisco Web Usage Controls.
Step 1
Choose Security Services > Acceptable Use Controls.
Step 2
Click Edit Global Settings.
Step 3
Verify the Enable Acceptable Use Controls property is enabled.
Step 4
In the Acceptable Use Controls Service area, select Cisco Web Usage Controls, and then select Enable
Application Visibility and Control.
Application Visibility and Control.
Step 5
Submit and Commit Changes.