Cisco Cisco Web Security Appliance S170 ユーザーガイド

To prevent malicious data from leaving the network, the Web Security appliance provides the Outbound 
Malware Scanning feature. Using policy groups, you can define which uploads are scanned for malware, 
which anti-malware scanning engines to use for scanning, and which malware types to block.

The Cisco IronPort Dynamic Vectoring and Streaming (DVS) engine scans transaction requests as they 
leave the network. By working with the Cisco IronPort DVS engine, the Web Security appliance enables 
you to prevent users from unintentionally uploading malicious data. 

You can perform the following tasks:

When the Cisco IronPort DVS engine blocks an upload request, the Web Proxy sends a block page to the 
end user. However, not all websites display the block page to the end user. Some Web 2.0 websites 
display dynamic content using javascript instead of a static webpage and are not likely to display the 
block page. Users are still properly blocked from uploading malicious data, but they may not always be 
informed of this by the website.

Create policies to block malware

Creating Outbound Malware Scanning Policies, page 12-4

Assign upload requests to outbound 
malware policy groups

Controlling Upload Requests, page 12-6