Cisco Web Security Appliance S680 User Guide
AsyncOS 8.8 for Cisco Web Security Appliances User Guide
Chapter 14 File Reputation Filtering and File Analysis
Configuring File Reputation and Analysis Features
Requirements for Communication with File Reputation and Analysis Services
• All Web Security appliances that use these services must be able to connect to them directly over the internet (excluding File Analysis services configured to use an on-premises Cisco AMP Threat Grid Appliance).
• By default, communication with file reputation and analysis services is routed through the Management port (M1) on the appliance. If your appliance does not route data through the management port, see .
• The following firewall ports must be open:

| Firewall Ports | Description | Protocol | In/Out | Hostname | Appliance Interface |
|---|---|---|---|---|---|
| 32137 (default) or 443 | Access to cloud services for obtaining file reputation. | TCP | Out | As configured in Security Services > Anti-Malware and Reputation, Advanced section: Advanced Settings for File Reputation, Cloud Server Pool parameter. | Management, unless a static route is configured to route this traffic through a data port. |
| 443 | Access to cloud services for file analysis. | TCP | Out | As configured in Security Services > Anti-Malware and Reputation, Advanced section: Advanced Settings for File Analysis. | |

• When you configure the file reputation feature, choose whether to use SSL over port 443.
Related Topics
•
Routing Traffic to File Reputation and File Analysis Servers Through a Data Interface
If the appliance is configured to restrict the management port to appliance management services only (on the Network > Interfaces page), configure the appliance to route file reputation and analysis traffic through the data port instead.
Add routes for data traffic on the Network > Routes page. For general requirements and instructions, see

| For Connection To | Destination Network | Gateway |
|---|---|---|
| The file reputation service | Host name of the Cloud Server Pool, as configured in Security Services > Anti-Malware and Reputation, Advanced section: Advanced Settings for File Reputation. | IP address of the gateway for the data port |
| The file analysis service | Host name of the File Analysis Server, as configured in Security Services > Anti-Malware and Reputation, Advanced section: Advanced Settings for File Analysis. | IP address of the gateway for the data port |
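
A reachability check for the ports in the firewall table above, as an added example that is not part of the Cisco guide. It assumes it is run from a host whose outbound traffic follows the same firewall path as the appliance interface in use, and the host names shown are placeholders for the configured Cloud Server Pool and File Analysis Server values.

```python
import socket

# Ports from the firewall table: file reputation uses 32137 by default, or 443
# when SSL over port 443 is selected; file analysis uses 443.
REPUTATION_DEFAULT_PORT = 32137
SSL_PORT = 443


def required_endpoints(reputation_host, analysis_host, reputation_over_443=False):
    """Return the (service, host, port) tuples that must be reachable outbound."""
    rep_port = SSL_PORT if reputation_over_443 else REPUTATION_DEFAULT_PORT
    return [("file reputation", reputation_host, rep_port),
            ("file analysis", analysis_host, SSL_PORT)]


def tcp_reachable(host, port, timeout=5.0):
    """Attempt one outbound TCP connection; return (ok, detail)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True, "connected"
    except socket.timeout:
        return False, "timed out (typical when a firewall drops the packets)"
    except ConnectionRefusedError:
        return False, "refused (host reachable, port closed or rejected)"
    except socket.gaierror as exc:
        return False, f"name resolution failed: {exc}"
    except OSError as exc:
        return False, f"error: {exc}"


def check(endpoints, timeout=5.0):
    """Probe each endpoint and return one result dict per service."""
    results = []
    for service, host, port in endpoints:
        ok, detail = tcp_reachable(host, port, timeout)
        results.append({"service": service, "host": host, "port": port,
                        "ok": ok, "detail": detail})
    return results


if __name__ == "__main__":
    # Placeholder host names (assumptions): substitute the Cloud Server Pool and
    # File Analysis Server values from the appliance's Advanced Settings.
    endpoints = required_endpoints("reputation-pool.example", "analysis.example")
    for r in check(endpoints):
        state = "OK" if r["ok"] else "BLOCKED"
        print(f"{r['service']:16} {r['host']}:{r['port']} {state} ({r['detail']})")
```

A timeout points at a rule that silently drops the traffic, while a refusal means the packets reached a host or device that rejected them, which narrows where to look in the firewall policy.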