Cisco Cisco Web Security Appliance S160 Guía Del Usuario
402
I R O N P O R T A S Y N C O S 6 . 3 F O R W E B U S E R G U I D E
WE B S I T E A C T I V I T Y PA G E
Use the following pages to monitor high-risk web sites accessed during a specific time range:
• Monitor > Web Site Activity page — This page shows the Web Site Activity report, which
includes the following information:
• Top five sites by high-risk transactions detected. A high-risk transaction is any
monitored or blocked transaction.
• Top five sites by malware transactions detected.
The site details section at the bottom of the page lists all of the sites with high-risk
transactions. You can use column headings to sort the data and each URL links to the Web
Site Detail page.
transactions. You can use column headings to sort the data and each URL links to the Web
Site Detail page.
• Web Site Detail page — This page shows the high-risk transactions for the site in a trend
graph that uses a different color for each type of high-risk transaction.
The Summary tab shows the same information as the trend graph, but in table format. It
shows the transactions blocked by URL filtering, transactions blocked by Web Reputation
Filters, transactions detected by Anti-Malware scanning, other blocked transactions, total
high-risk transactions, and URL categories of the site. The All tab displays bandwidth
saved by blocking and includes detail about transactions detected by Anti-Malware
scanning.
shows the transactions blocked by URL filtering, transactions blocked by Web Reputation
Filters, transactions detected by Anti-Malware scanning, other blocked transactions, total
high-risk transactions, and URL categories of the site. The All tab displays bandwidth
saved by blocking and includes detail about transactions detected by Anti-Malware
scanning.
The Other Blocked Transactions column displays transactions blocked by a policy rule.
This data includes the following conditions:
This data includes the following conditions:
• File size over limit
• File type not allowed
• User agent not allowed
• Protocol not allowed
• Authentication denied
• Attempted HTTP tunneling (CONNECT) on disabled port
User agents blocked by a policy configuration are recorded as “other blocked
transactions.” Suspect user agents detected by the Anti-Malware DVS engine are recorded
as blocked by Anti-Malware scanning.
transactions.” Suspect user agents detected by the Anti-Malware DVS engine are recorded
as blocked by Anti-Malware scanning.