Cisco Cisco Web Security Appliance S170 ユーザーガイド
13-6
AsyncOS 8.6 for Cisco Web Security Appliances User Guide
Chapter 13 File Reputation Filtering and File Analysis
Configuring File Reputation and Analysis Features
•
Ensure that a Data network interface is enabled on the appliance if you want to use a Data network
interface for File Reputation and Analysis services. See
interface for File Reputation and Analysis services. See
.
•
Verify connectivity to the update servers configured in
Procedure
Step 1
Select Security Services > Anti-Malware and Reputation .
Step 2
Click Edit Global Settings.
Step 3
In the Advanced Malware Protection Services section, select Enable File Reputation Filtering.
Step 4
Accept the license agreement if presented.
Step 5
In the Advanced Malware Protection Services section, select Enable File Analysis.
Step 6
Step 7
In the File Analysis section, select the file types to send to the cloud for analysis.
Step 8
In the File Analysis section, select the file types to send to the cloud for analysis.
Step 9
Adjust the following Advanced settings as desired:
Note
Do not change any other Advanced settings without guidance from Cisco support.
Step 10
Submit and commit your changes.
Option
Description
SSL Communication for File Reputation
Check Use SSL (Port 443) to communicate on port 443
instead of the default port, 32137.
instead of the default port, 32137.
This option also allows you to configure an upstream proxy
for communication with the file reputation service.
for communication with the file reputation service.
Note
SSL communication over port 32137 may require
you to open that port in your firewall.
you to open that port in your firewall.
Routing Table
The routing table (associated with an appliance network
interface type, either Management or Data) to be used for
Advanced Malware Protection services. If the appliance
has both the Management interface and one or more Data
interfaces enabled, you can select Management or Data.
interface type, either Management or Data) to be used for
Advanced Malware Protection services. If the appliance
has both the Management interface and one or more Data
interfaces enabled, you can select Management or Data.
Reputation Threshold
•
Use value from Cloud Service
•
Enter custom value
The upper limit for acceptable file reputation scores.
Scores above this threshold indicate the file is infected.
Scores above this threshold indicate the file is infected.