Cisco Cisco Web Security Appliance S160 Guía Del Usuario
16-2
AsyncOS 8.8 for Cisco Web Security Appliances User Guide
Chapter 16 Prevent Loss of Sensitive Data
Managing Upload Requests
To restrict and control data that is leaving the network, you can perform the following tasks:
Bypassing Upload Requests Below a Minimum Size
To help reduce the number of upload requests recorded in the log files, you can define a minimum request
body size, below which upload requests are not scanned by the Cisco IronPort Data Security Filters or
the external DLP server.
body size, below which upload requests are not scanned by the Cisco IronPort Data Security Filters or
the external DLP server.
To do this, use the following CLI commands:
•
datasecurityconfig.
Applies to the Cisco IronPort Data Security Filters.
•
externaldlpconfig.
Applies to the configured external DLP servers.
The default minimum request body size is 4 KB (4096 bytes) for both CLI commands. Valid values are
1 to 64 KB. The size you specify applies to the entire size of the upload request body.
1 to 64 KB. The size you specify applies to the entire size of the upload request body.
Note
All chunk encoded uploads and all native FTP transactions are scanned by the Cisco IronPort Data
Security Filters or external DLP servers when enabled. However, they can still be bypassed based on a
custom URL category.
Security Filters or external DLP servers when enabled. However, they can still be bypassed based on a
custom URL category.
User Experience with Blocked Requests
When the Cisco IronPort Data Security Filters or an external DLP server blocks an upload request, it
provides a block page that the Web Proxy sends to the end user. Not all websites display the block page
to the end user. For example, some Web 2.0 websites display dynamic content using javascript instead
of a static webpage and are not likely to display the block page. Users are still properly blocked from
performing data security violations, but they may not always be informed of this by the website.
provides a block page that the Web Proxy sends to the end user. Not all websites display the block page
to the end user. For example, some Web 2.0 websites display dynamic content using javascript instead
of a static webpage and are not likely to display the block page. Users are still properly blocked from
performing data security violations, but they may not always be informed of this by the website.
Managing Upload Requests
Before You Begin
•
Go to Security Services > Data Security Filters to enable the Cisco IronPort Data Security Filters.
Task
Link to Task
Create Cisco IronPort Data Security Policies
Managing Upload Requests, page 13-2
Create External DLP Policies
Managing Upload Requests on an External DLP
System, page 13-3
System, page 13-3
Create Data Security and External DLP Policies
Control Upload Requests using Cisco IronPort
Data Security Policies
Data Security Policies
Managing Settings for Upload Requests, page 13-7
Control Upload Requests Using External DLP
Policies
Policies
Controlling Upload Requests Using External DLP
Policies, page 13-11
Policies, page 13-11