Cisco Cisco Web Security Appliance S380 Guía Del Usuario

To prevent malicious data from leaving the network, the Web Security appliance provides the Outbound 
Malware Scanning feature. Using policy groups, you can define which uploads are scanned for malware, 
which anti-malware scanning engines to use for scanning, and which malware types to block.

The Cisco Dynamic Vectoring and Streaming (DVS) engine scans transaction requests as they leave the 
network. By working with the Cisco DVS engine, the Web Security appliance enables you to prevent 
users from unintentionally uploading malicious data. 

You can perform the following tasks:

When the Cisco DVS engine blocks an upload request, the Web Proxy sends a block page to the end user. 
However, not all Websites display the block page to the end user. Some Web 2.0 Websites display 
dynamic content using Javascript instead of a static Webpage and are not likely to display the block page. 
Users are still properly blocked from uploading malicious data, but they may not always be informed of 
this by the Website.

Create policies to block malware

Creating Outbound Malware Scanning Policies, page 12-4

Assign upload requests to outbound 
malware policy groups

Controlling Upload Requests, page 12-6