Cisco Web Security Appliance S690 User Guide

AsyncOS 10.0 for Cisco Web Security Appliances User Guide
 
Chapter 20: Detecting Rogue Traffic on Non-Standard Ports
Step 2  Click Update Now.
Creating a Policy to Detect Rogue Traffic
The actions the L4 Traffic Monitor takes depend on the L4 Traffic Monitor policies you configure:
Step 1  Choose Web Security Manager > L4 Traffic Monitor.
Step 2  Click Edit Settings.
Step 3  On the Edit L4 Traffic Monitor Policies page, configure the L4 Traffic Monitor policies:
  a. Define the Allow List.
  b. Add known good sites to the Allow List.
     Note: Do not add the Web Security appliance IP address or hostname to the Allow List; otherwise, the L4 Traffic Monitor does not block any traffic.
  c. Determine which action to perform for Suspected Malware Addresses:
     Note: When you choose to block suspected malware traffic, you can also choose whether to always block ambiguous addresses. By default, ambiguous addresses are monitored.
     Note: If the L4 Traffic Monitor is configured to block, the L4 Traffic Monitor and the Web Proxy must be configured on the same network. Use the Network > Routes page to confirm that all clients are accessible on routes that are configured for data traffic.
  d. Define the Additional Suspected Malware Addresses properties.
Action    Description
Allow     It always allows traffic to and from known allowed and unlisted addresses.
Monitor   It monitors traffic under the following circumstances:
          - When the Action for Suspected Malware Addresses option is set to Monitor, it always monitors all traffic that is not to or from a known allowed address.
          - When the Action for Suspected Malware Addresses option is set to Block, it monitors traffic to and from ambiguous addresses.
Block     When the Action for Suspected Malware Addresses option is set to Block, it blocks traffic to and from known malware addresses.
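The note in step 3b can be checked before an Allow List is entered. The following Python sketch is an added example, not part of the Cisco guide: it flags Allow List entries that cover the appliance's own IP address or hostname. The entry formats (IP, CIDR, hostname), the function names, the parent-domain matching rule and the sample data are assumptions.

```python
import ipaddress

def _as_network(entry):
    """Parse an IP or CIDR entry; return None when the entry is a name."""
    try:
        return ipaddress.ip_network(entry, strict=False)
    except ValueError:
        return None

def allow_list_conflicts(allow_list, appliance_ips, appliance_hostnames):
    """Return (entry, reason) pairs for entries that cover the appliance itself."""
    ips = [ipaddress.ip_address(ip) for ip in appliance_ips]
    hosts = sorted(h.lower().rstrip(".") for h in appliance_hostnames)
    findings = []
    for raw in allow_list:
        entry = raw.strip()
        if not entry:
            continue
        net = _as_network(entry)
        if net is not None:
            hit = next((ip for ip in ips if ip.version == net.version and ip in net), None)
            if hit is not None:
                findings.append((entry, f"covers appliance address {hit}"))
            continue
        # Assumption: a domain entry is treated as covering its subdomains,
        # so a parent domain of the appliance hostname is flagged too.
        name = entry.lower().strip(".")
        hit = next((h for h in hosts if h == name or h.endswith("." + name)), None)
        if hit is not None:
            findings.append((entry, f"matches appliance hostname {hit}"))
    return findings

# Constructed sample data (documentation address ranges, made-up hostnames).
APPLIANCE_IPS = ["192.0.2.5", "2001:db8::5"]
APPLIANCE_HOSTNAMES = ["wsa01.example.com"]
ALLOW_LIST = [
    "198.51.100.10",        # single known-good host: fine
    "192.0.2.0/24",         # CIDR that contains the appliance IPv4 address
    "updates.example.net",  # unrelated hostname: fine
    "WSA01.example.com.",   # appliance hostname, different case, trailing dot
    "2001:db8::/64",        # CIDR that contains the appliance IPv6 address
    "example.com",          # parent domain of the appliance hostname
]

if __name__ == "__main__":
    for entry, reason in allow_list_conflicts(ALLOW_LIST, APPLIANCE_IPS, APPLIANCE_HOSTNAMES):
        print(f"REMOVE {entry!r}: {reason}")
```

A CIDR range that merely contains the appliance address is flagged as well as an exact match, since either would place the appliance on the Allow List.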