Cisco Web Security Appliance S670 User Guide

AsyncOS 9.1.1 for Cisco Web Security Appliances User Guide
 
Chapter 20      Detecting Rogue Traffic on Non-Standard Ports
  Viewing L4 Traffic Monitor Activity
Note
Adding internal IP addresses to the Additional Suspected Malware Addresses list causes 
legitimate destination URLs to show up as malware in L4 Traffic Monitor reports. To avoid 
this, do not enter internal IP addresses in the “Additional Suspected Malware Addresses” 
field on the Web Security Manager > L4 Traffic Monitor Policies page.
Step 4  Submit and Commit Changes.
Related Topics
Valid Formats
When you add addresses to the Allow List or Additional Suspected Malware Addresses properties, 
separate multiple entries with whitespace or commas. You can enter addresses in any of the following 
formats:
IP address. Example: IPv4 format: 10.1.1.0. IPv6 format: 2002:4559:1FE2::4559:1FE2
CIDR address. Example: 10.1.1.0/24.
Domain name. Example: example.com. 
Hostname. Example: crm.example.com.
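
A pre-submission check for a candidate list, combining the format rules above with the earlier note about internal addresses. This is an added example, not Cisco code: the `INTERNAL_NETS` ranges, the hostname pattern and the function names are assumptions, and the appliance's own validation may differ.

```python
import ipaddress
import re

# Assumption: what counts as "internal" here (RFC 1918, loopback, link-local,
# IPv6 ULA). Replace with your organization's own address plan.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "fc00::/7", "fe80::/10", "::1/128")]

# Assumption: RFC 1123-style labels; the guide does not give the appliance's
# exact name validation. Domains and hostnames are syntactically identical.
_LABEL = r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)"
_NAME_RE = re.compile(rf"{_LABEL}(?:\.{_LABEL})+")


def classify(entry):
    """Return (kind, is_internal); kind is 'ip', 'cidr', 'name' or None."""
    try:
        net = ipaddress.ip_network(entry, strict=False)  # bare IP -> /32 or /128
    except ValueError:
        tld_numeric = entry.rsplit(".", 1)[-1].isdigit()  # e.g. 999.1.1.1
        if len(entry) <= 253 and _NAME_RE.fullmatch(entry) and not tld_numeric:
            return "name", False
        return None, False
    internal = any(net.version == n.version and net.overlaps(n)
                   for n in INTERNAL_NETS)
    return ("cidr" if "/" in entry else "ip"), internal


def review(field_value):
    """Split on whitespace/commas and sort entries into ok/internal/invalid."""
    result = {"ok": [], "internal": [], "invalid": []}
    for entry in filter(None, re.split(r"[\s,]+", field_value)):
        kind, internal = classify(entry)
        if kind is None:
            result["invalid"].append(entry)
        elif internal:
            result["internal"].append(entry)  # would mislabel legitimate traffic
        else:
            result["ok"].append((entry, kind))
    return result


# Constructed sample input, not taken from a real appliance.
SAMPLE = """10.1.1.0, 2002:4559:1FE2::4559:1FE2 203.0.113.0/24
example.com,crm.example.com 192.168.5.0/24 bad_host! 999.1.1.1"""

if __name__ == "__main__":
    print(review(SAMPLE))
```

Entries in the `internal` bucket are the ones to keep out of the Additional Suspected Malware Addresses field; a CIDR block that merely overlaps an internal range is flagged as well.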
Viewing L4 Traffic Monitor Activity
The S-Series appliance supports several options for generating feature-specific reports and interactive 
displays of summary statistics. 
Monitoring Activity and Viewing Summary Statistics
The Reporting > L4 Traffic Monitor page provides statistical summaries of monitoring activity. You 
can use the following displays and reporting tools to view the results of L4 Traffic Monitor activity:
To view...                            See...
Client statistics                     Reporting > Client Activity
Malware statistics, Port statistics   Reporting > L4 Traffic Monitor
L4 Traffic Monitor log files          System Administration > Log Subscriptions (trafmon_errlogs, trafmonlogs)