Cisco Cisco Web Security Appliance S680 Guía Del Usuario
16-9
AsyncOS 9.0 for Cisco Web Security Appliances User Guide
Chapter 16 Prevent Loss of Sensitive Data
Defining External DLP Systems
Note
For some groups of MIME types, blocking one type blocks all MIME types in the group. For
example, blocking application/x-java-applet blocks all java MIME types, such as
application/java and application/javascript.
example, blocking application/x-java-applet blocks all java MIME types, such as
application/java and application/javascript.
•
File name. You can block files with specified names. You can use text as a literal string or a regular
expression for specifying file names to block.
expression for specifying file names to block.
Note
Only enter file names with 8-bit ASCII characters. The Web Proxy only matches file names with
8-bit ASCII characters.
8-bit ASCII characters.
Defining External DLP Systems
The Web Security appliance can integrate with multiple external DLP servers from the same vendor by
defining multiple DLP servers in the appliance. You can define the load-balancing technique the Web
Proxy uses when contacting the DLP systems. This is useful when you define multiple DLP systems. See
defining multiple DLP servers in the appliance. You can define the load-balancing technique the Web
Proxy uses when contacting the DLP systems. This is useful when you define multiple DLP systems. See
for information about specifying the protocols used to secure
communications with external DLP servers.
Note
Verify the external DLP server does not send the Web Proxy modified content. AsyncOS for Web only
supports the ability to block or allow upload requests. It does not support uploading content modified by
an external DLP server.
supports the ability to block or allow upload requests. It does not support uploading content modified by
an external DLP server.
Configuring External DLP Servers
Step 1
Choose Network > External DLP Servers.
Step 2
Click Edit Settings.
Setting
Description
Protocol for External
DLP Servers
DLP Servers
Choose either:
•
ICAP – DLP client/server ICAP communications are not encrypted.
•
Secure ICAP – DLP client/server ICAP communications are via an
encrypted tunnel. Additional related options appear.
encrypted tunnel. Additional related options appear.