Cisco Cisco Web Security Appliance S170 Guía Del Usuario
14-5
AsyncOS 10.0 for Cisco Web Security Appliances User Guide
Chapter 14 File Reputation Filtering and File Analysis
Configuring File Reputation and Analysis Features
•
Information about every file that is sent to the cloud for analysis and has a verdict of “malicious” is
added to the reputation database. This information is used along with other data to determine a
reputation score.
added to the reputation database. This information is used along with other data to determine a
reputation score.
Information about files analyzed by an on-premises Cisco AMP Threat Grid appliance is not shared
with the reputation service.
with the reputation service.
Configuring File Reputation and Analysis Features
•
•
•
•
•
•
•
•
Requirements for Communication with File Reputation and Analysis Services
•
All Web Security appliances that use these services must be able to connect to them directly over
the Internet (excluding file reputation and analysis services configured to use an on-premises
appliance.)
the Internet (excluding file reputation and analysis services configured to use an on-premises
appliance.)
•
By default, communication with file reputation and analysis services is routed through the
Management port (M1) on the appliance. If your appliance does not route data through the
management port, see
Management port (M1) on the appliance. If your appliance does not route data through the
management port, see
.
•
The following firewall ports must be open:
•
When you configure the file reputation feature, choose whether to use SSL over port 443.
Related Topics
•
Firewall
Ports Description
Ports Description
Protocol
In/Out
Hostname
Appliance
Interface
Interface
32137
(default)
or 443
(default)
or 443
Access to cloud services
for obtaining file
reputation.
for obtaining file
reputation.
TCP
Out
As configured in Security Services >
Anti-Malware and Reputation, Advanced
section: Advanced Settings for File Reputation,
SSL Communication for File Reputation
section.
Anti-Malware and Reputation, Advanced
section: Advanced Settings for File Reputation,
SSL Communication for File Reputation
section.
Management,
unless a static
route is
configured to
route this
traffic through
a data port.
unless a static
route is
configured to
route this
traffic through
a data port.
443
Access to cloud services
for file analysis.
for file analysis.
TCP
Out
As configured in Security Services >
Anti-Malware and Reputation, Advanced
section: Advanced Settings for File Analysis.
Anti-Malware and Reputation, Advanced
section: Advanced Settings for File Analysis.