Cisco Cisco Web Security Appliance S160 Guía Del Usuario
14-7
AsyncOS 9.0.1 for Cisco Web Security Appliances User Guide
Chapter 14 File Reputation Filtering and File Analysis
Configuring File Reputation and Analysis Features
•
If you will deploy a self-signed certificate: Generate a self-signed SSL certificate from the Cisco
AMP Threat Grid appliance to be used on your Web Security appliance. See instructions for
downloading SSL certificates and keys in the administrator’s guide for your AMP Threat Grid
appliance. Be sure to generate a certificate that has the hostname of your AMP Threat Grid appliance
as CN. The default certificate from the AMP Threat Grid appliance does NOT work.
AMP Threat Grid appliance to be used on your Web Security appliance. See instructions for
downloading SSL certificates and keys in the administrator’s guide for your AMP Threat Grid
appliance. Be sure to generate a certificate that has the hostname of your AMP Threat Grid appliance
as CN. The default certificate from the AMP Threat Grid appliance does NOT work.
•
Registration of your Web Security appliance with your Threat Grid appliance occurs automatically
when you submit the configuration for File Analysis, as described in
when you submit the configuration for File Analysis, as described in
. However, you must activate the registration as
described in the same procedure.
Enabling and Configuring File Reputation and Analysis Services
Before You Begin
•
Acquire feature keys for the file reputation service and the file analysis service.
•
Meet the
.
•
Ensure that a Data network interface is enabled on the appliance if you want to use a Data network
interface for File Reputation and Analysis services. See
interface for File Reputation and Analysis services. See
Enabling or Changing Network Interfaces,
page 2-15
.
•
Verify connectivity to the update servers configured in
Configuring Upgrade and Service Update
Settings, page 22-31
.
•
If you will use a Cisco AMP Threat Grid Appliance as a private cloud file analysis server, see
.
Step 1
Select Security Services > Anti-Malware and Reputation .
Step 2
Click Edit Global Settings.
Step 3
In the Advanced Malware Protection Services section, select Enable File Reputation Filtering.
Step 4
Accept the license agreement if presented.
Step 5
In the Advanced Malware Protection Services section, select Enable File Analysis.
Step 6
In the File Analysis section, select the file types to send to the cloud for analysis.
Step 7
Adjust the following Advanced Settings for File Reputation as needed:
Option
Description
Routing Table
The routing table (associated with an appliance network
interface type, either Management or Data) to be used for
Advanced Malware Protection services. If the appliance
has both the Management interface and one or more Data
interfaces enabled, you can select Management or Data.
interface type, either Management or Data) to be used for
Advanced Malware Protection services. If the appliance
has both the Management interface and one or more Data
interfaces enabled, you can select Management or Data.