Cisco Cisco Web Security Appliance S680 Guía Del Usuario
11-3
Cisco IronPort AsyncOS 7.0 for Web User Guide
OL-23079-01
Chapter 11 Outbound Malware Scanning
Evaluating Outbound Malware Scanning Policy Group Membership
For more information on configuring Outbound Malware Scanning Policies to
block requests based on outbound malware, see
block requests based on outbound malware, see
Note
Upload requests that try to upload files with a size of zero (0) bytes are not
evaluated against Outbound Malware Scanning Policies.
evaluated against Outbound Malware Scanning Policies.
Evaluating Outbound Malware Scanning Policy
Group Membership
Group Membership
Each client request is assigned to an Identity and is then evaluated against the
other policy types to determine to which policy group it belongs for each type.
The Web Proxy evaluates upload requests against the Outbound Malware
Scanning Policies.
other policy types to determine to which policy group it belongs for each type.
The Web Proxy evaluates upload requests against the Outbound Malware
Scanning Policies.
The Web Proxy applies the configured policy control settings to a client request
based on the client request’s policy group membership.
based on the client request’s policy group membership.
To determine the policy group that a client request matches, the Web Proxy
follows a specific process for matching the group membership criteria. During
this process, it considers the following factors for group membership:
follows a specific process for matching the group membership criteria. During
this process, it considers the following factors for group membership:
•
Identity. Each client request either matches an Identity, fails authentication
and is granted guest access, or fails authentication and is terminated. For
more information about evaluating Identity group membership, see
and is granted guest access, or fails authentication and is terminated. For
more information about evaluating Identity group membership, see
.
•
Authorized users. If the assigned Identity requires authentication, the user
must be in the list of authorized users in the Outbound Malware Scanning
Policy group to match the policy group. The list of authorized users can be
any of the specified groups or users or can be guest users if the Identity allows
guest access.
must be in the list of authorized users in the Outbound Malware Scanning
Policy group to match the policy group. The list of authorized users can be
any of the specified groups or users or can be guest users if the Identity allows
guest access.
•
Advanced options. You can configure several advanced options for
Outbound Malware Scanning Policy group membership. Some options, such
as proxy port and URL category, can also be defined within the Identity.
When an advanced option is configured in the Identity, it is not configurable
in the Outbound Malware Scanning Policy group level.
Outbound Malware Scanning Policy group membership. Some options, such
as proxy port and URL category, can also be defined within the Identity.
When an advanced option is configured in the Identity, it is not configurable
in the Outbound Malware Scanning Policy group level.