Cisco Cisco Web Security Appliance S690 Mode D'Emploi
18-2
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 18 Understanding Application Visibility and Control
Enabling the AVC Engine
•
Allow instant messaging traffic, but disallow file sharing using instant messenger. For more
information, see
information, see
.
•
•
Restrict access to adult content on some content sharing sites. For more information, see
The AVC engine can dynamically receive updates from the Cisco IronPort update server, including
support for new applications and application types. For more information, see
support for new applications and application types. For more information, see
.
You can also view the AVC engine scanning activity in the Application Visibility report on the Reporting
> Application Visibility page. For more information, see
> Application Visibility page. For more information, see
.
User Experience with Blocked Requests
When the AVC engine blocks a transaction, the Web Proxy sends a block page to the end user. However,
not all websites display the block page to the end user. For example, some Web 2.0 websites display
dynamic content using javascript instead of a static webpage and are not likely to display the block page.
Users are still properly blocked from downloading malicious data, but they may not always be informed
of this by the website.
not all websites display the block page to the end user. For example, some Web 2.0 websites display
dynamic content using javascript instead of a static webpage and are not likely to display the block page.
Users are still properly blocked from downloading malicious data, but they may not always be informed
of this by the website.
AVC Engine Updates
AsyncOS periodically queries the update servers for new updates to all security service components,
including the AVC engine. AVC engine updates can include support for new application types and
applications as well as updated support for existing applications if any application behavior changes. By
updating the AVC engine in between AsyncOS versions, the Web Security appliance remains flexible
without requiring a server upgrade.
including the AVC engine. AVC engine updates can include support for new application types and
applications as well as updated support for existing applications if any application behavior changes. By
updating the AVC engine in between AsyncOS versions, the Web Security appliance remains flexible
without requiring a server upgrade.
AVC engine updates are maintained by the Cisco Security Intelligence Operations (SIO) center. Cisco
SIO updates signatures as necessary to adapt to the changing marketplace.
SIO updates signatures as necessary to adapt to the changing marketplace.
Because the AVC engine can receive support for new applications and application types, AsyncOS for
Web assigns the following default actions for the Global Access Policy:
Web assigns the following default actions for the Global Access Policy:
•
New application types default to Monitor.
•
New application behaviors, such as block file transfer within a particular application, default to
Monitor.
Monitor.
•
New applications for an existing application type default to the application type default.
Enabling the AVC Engine
Enable the AVC engine when you enable Cisco IronPort Web Usage Controls.
Step 1
Navigate to the Security Services > Acceptable Use Controls page.
Step 2
Click Edit Global Settings.
Step 3
Verify the Enable Acceptable Use Controls property is enabled.