Cisco Cisco Web Security Appliance S680 Guía Del Usuario
16-8
AsyncOS 9.0 for Cisco Web Security Appliances User Guide
Chapter 16 Prevent Loss of Sensitive Data
Managing Settings for Upload Requests
You can configure the following settings to determine what action to take on upload requests:
After a Data Security Policy group is assigned to an upload request, the control settings for the policy
group are evaluated to determine whether to block the request or evaluate it against the Access Policies.
group are evaluated to determine whether to block the request or evaluate it against the Access Policies.
URL Categories
AsyncOS for Web allows you to configure how the appliance handles a transaction based on the URL
category of a particular request. Using a predefined category list, you can choose to monitor or block
content by category. You can also create custom URL categories and choose to allow, monitor, or block
traffic for a website in the custom category.
category of a particular request. Using a predefined category list, you can choose to monitor or block
content by category. You can also create custom URL categories and choose to allow, monitor, or block
traffic for a website in the custom category.
Web Reputation
The Web Reputation setting inherits the global setting. To customize web reputation filtering for a
particular policy group, you can use the Web Reputation Settings pull-down menu to customize web
reputation score thresholds.
particular policy group, you can use the Web Reputation Settings pull-down menu to customize web
reputation score thresholds.
Only negative and zero values can be configured for web reputation threshold settings for Cisco IronPort
Data Security Policies. By definition, all positive scores are monitored.
Data Security Policies. By definition, all positive scores are monitored.
Content Blocking
You can use the settings on the Cisco IronPort Data Security Policies > Content page to configure the
Web Proxy to block data uploads based on the following file characteristics:
Web Proxy to block data uploads based on the following file characteristics:
•
File size. You can specify the maximum upload size allowed. All uploads with sizes equal to or
greater than the specified maximum are blocked. You can specify different maximum file sizes for
HTTP/HTTPS and native FTP requests.
greater than the specified maximum are blocked. You can specify different maximum file sizes for
HTTP/HTTPS and native FTP requests.
When the upload request size is greater than both the maximum upload size and the maximum scan
size (configured in the “DVS Engine Object Scanning Limits” field on Security Services >
Anti-Malware page), the upload request is still blocked, but the entry in the data security logs does
not record the file name and content type. The entry in the access logs is unchanged.
size (configured in the “DVS Engine Object Scanning Limits” field on Security Services >
Anti-Malware page), the upload request is still blocked, but the entry in the data security logs does
not record the file name and content type. The entry in the access logs is unchanged.
•
File type. You can block predefined file types or custom MIME types you enter. When you block a
predefined file type, you can block all files of that type or files greater than a specified size. When
you block a file type by size, the maximum file size you can specify is the same as the value for the
“DVS Engine Object Scanning Limits” field on Security Services > Anti-Malware page. By default,
that value is 32 MB.
predefined file type, you can block all files of that type or files greater than a specified size. When
you block a file type by size, the maximum file size you can specify is the same as the value for the
“DVS Engine Object Scanning Limits” field on Security Services > Anti-Malware page. By default,
that value is 32 MB.
Cisco IronPort Data Security Filters do not inspect the contents of archived files when blocking by
file type. Archived files can be blocked by its file type or file name, not according to its contents.
file type. Archived files can be blocked by its file type or file name, not according to its contents.
Option
Link
URL Categories
URL Categories, page 13-8
Web Reputation
Web Reputation, page 13-8
Content
Content Blocking, page 13-8