Cisco Cisco Web Security Appliance S190 Guía Del Usuario
21-3
Cisco IronPort AsyncOS 7.0 for Web User Guide
OL-23079-01
Chapter 21 L4 Traffic Monitor
Configuring the L4 Traffic Monitor
•
Block. When the Action for Suspected Malware Addresses option is set to
Block, it blocks traffic to and from known malware addresses.
Block, it blocks traffic to and from known malware addresses.
The L4 Traffic Monitor Database
The L4 Traffic Monitor uses and maintains its own internal database. This
database is continuously updated with matched results for IP addresses and
domain names. Additionally, the database table receives periodic updates from the
IronPort update server at the following location:
database is continuously updated with matched results for IP addresses and
domain names. Additionally, the database table receives periodic updates from the
IronPort update server at the following location:
https://update-manifests.ironport.com
For information about update intervals and the IronPort update server, see
.
Configuring the L4 Traffic Monitor
The L4 Traffic Monitor can be enabled as part of an initial system setup using the
System Setup Wizard. By default, the L4 Traffic Monitor is enabled and set to
monitor traffic on all ports. This includes DNS and other services.
System Setup Wizard. By default, the L4 Traffic Monitor is enabled and set to
monitor traffic on all ports. This includes DNS and other services.
Note
To monitor true client IP addresses, the L4 Traffic Monitor should always be
configured inside the firewall and before network address translation (NAT). For
more information about deploying the L4 Traffic Monitor, see
configured inside the firewall and before network address translation (NAT). For
more information about deploying the L4 Traffic Monitor, see
You can configure the following settings:
•
Global L4 Traffic Monitor settings. You can enable or disable the L4 Traffic
Monitor after an initial configuration and configure which TCP ports to
monitor. Use the Security Services > L4 Traffic Monitor page. For more
information see
Monitor after an initial configuration and configure which TCP ports to
monitor. Use the Security Services > L4 Traffic Monitor page. For more
information see
.
•
L4 Traffic Monitor policies. When the L4 Traffic Monitor is enabled, you
configure specific policies for managing traffic. Use the Web Security
Manager > L4 Traffic Monitor Policies page. For more information see
configure specific policies for managing traffic. Use the Web Security
Manager > L4 Traffic Monitor Policies page. For more information see
.