Cisco Cisco Web Security Appliance S170 ユーザーガイド
11-4
Cisco AsyncOS 8.0.6 for Web User Guide
Chapter 11 Scan Outbound Traffic for Existing Infections
Controlling Upload Requests
Step 8
Submit your changes.
Step 9
Configure Outbound Malware Scanning Policy group control settings to define how the Web Proxy
handles transactions.
handles transactions.
The new Outbound Malware Scanning Policy group automatically inherits global policy group settings
until you configure options for each control setting.
until you configure options for each control setting.
Step 10
Submit and Commit Changes.
Controlling Upload Requests
Each upload request is assigned to an Outbound Malware Scanning Policy group and inherits the control
settings of that policy group. After the Web Proxy receives the upload request headers, it has the
information necessary to decide if it should scan the request body. The DVS engine scans the request
and returns a verdict to the Web Proxy. The block page appears to the end user, if applicable.
settings of that policy group. After the Web Proxy receives the upload request headers, it has the
information necessary to decide if it should scan the request body. The DVS engine scans the request
and returns a verdict to the Web Proxy. The block page appears to the end user, if applicable.
Step 1
Choose Web Security Manager > Outbound Malware Scanning.
Step 2
In the Destinations column, click the link for the policy group you want to configure.
Subnets
Choose whether or not to define policy group membership by subnet or other
addresses.
addresses.
You can select to use the addresses that may be defined with the associated Identity,
or you can enter specific addresses here.
or you can enter specific addresses here.
Note
If the Identity associated with this policy group defines its membership by
addresses, then in this policy group you must enter addresses that are a
subset of the addresses defined in the Identity. Adding addresses in the
policy group further narrows down the list of transactions that match this
policy group.
addresses, then in this policy group you must enter addresses that are a
subset of the addresses defined in the Identity. Adding addresses in the
policy group further narrows down the list of transactions that match this
policy group.
URL Categories
Choose whether or not to define policy group membership by URL categories.
Select the user defined or predefined URL categories.
Select the user defined or predefined URL categories.
Note
If the Identity associated with this policy group defines Identity
membership by this advanced setting, the setting is not configurable at the
non-Identity policy group level.
membership by this advanced setting, the setting is not configurable at the
non-Identity policy group level.
User Agents
Choose whether or not to define policy group membership by the user agent used
in the client request. You can select some commonly defined browsers, or define
your own using regular expressions. Choose whether this policy group should
apply to the selected user agents or to any user agent that is not in the list of selected
user agents.
in the client request. You can select some commonly defined browsers, or define
your own using regular expressions. Choose whether this policy group should
apply to the selected user agents or to any user agent that is not in the list of selected
user agents.
Note
If the Identity associated with this policy group defines Identity
membership by this advanced setting, the setting is not configurable at the
non-Identity policy group level.
membership by this advanced setting, the setting is not configurable at the
non-Identity policy group level.
User Location
Choose whether or not to define policy group membership by user location, either
remote or local.
remote or local.
Advanced Option
Description