Cisco Cisco Web Security Appliance S160 Guía Del Usuario
16-2
AsyncOS 10.0 for Cisco Web Security Appliances User Guide
Chapter 16 Prevent Loss of Sensitive Data
Managing Upload Requests
To restrict and control data that is leaving the network, you can perform the following tasks:
Bypassing Upload Requests Below a Minimum Size
To help reduce the number of upload requests recorded in the log files, you can define a minimum request
body size, below which upload requests are not scanned by the Cisco Data Security Filters or the external
DLP server.
body size, below which upload requests are not scanned by the Cisco Data Security Filters or the external
DLP server.
To do this, use the following CLI commands:
•
datasecurityconfig.
Applies to the Cisco Data Security filters.
•
externaldlpconfig.
Applies to the configured external DLP servers.
The default minimum request body size is 4 KB (4096 bytes) for both CLI commands. Valid values are
1 to 64 KB. The size you specify applies to the entire size of the upload request body.
1 to 64 KB. The size you specify applies to the entire size of the upload request body.
Note
All chunk encoded uploads and all native FTP transactions are scanned by the Cisco Data Security filters
or external DLP servers when enabled. However, they can still be bypassed based on a custom URL
category.
or external DLP servers when enabled. However, they can still be bypassed based on a custom URL
category.
User Experience When Requests Are Blocked As Sensitive Data
When the Cisco Data Security filters or an external DLP server blocks an upload request, it provides a
block page that the Web Proxy sends to the end user. Not all websites display the block page to the end
user. For example, some Web 2.0 websites display dynamic content using javascript instead of a static
Web page and are not likely to display the block page. Users are still properly blocked from performing
data security violations, but they may not always be informed of this by the website.
block page that the Web Proxy sends to the end user. Not all websites display the block page to the end
user. For example, some Web 2.0 websites display dynamic content using javascript instead of a static
Web page and are not likely to display the block page. Users are still properly blocked from performing
data security violations, but they may not always be informed of this by the website.
Managing Upload Requests
Before You Begin
•
Go to Security Services > Data Security Filters to enable the Cisco Data Security filters.
Task
Link to Task
Create Cisco Data Security policies
Managing Upload Requests, page 13-2
Create External DLP policies
Managing Upload Requests on an External DLP
System, page 13-3
System, page 13-3
Create Data Security and External DLP policies
Control Upload Requests using Cisco Data
Security policies
Security policies
Managing Settings for Upload Requests, page 13-7
Control Upload Requests Using External DLP
policies
policies
Controlling Upload Requests Using External DLP
Policies, page 13-11
Policies, page 13-11