Cisco Cisco Content Security Management Appliance M1070 ユーザーガイド
4-51
Cisco IronPort AsyncOS 7.2.0 for Security Management User Guide
OL-21768-01
Chapter 4 Using Centralized Web Reporting
Configuring Anti-Malware
Note
Before you use the anti-malware feature on the Security Management appliance,
you must first configure global settings on the Web Security appliance and then
apply specific settings to different policies. For more information, see
“Configuring Anti-Malware Scanning” in the Cisco IronPort AsyncOS for Web
User Guide.
you must first configure global settings on the Web Security appliance and then
apply specific settings to different policies. For more information, see
“Configuring Anti-Malware Scanning” in the Cisco IronPort AsyncOS for Web
User Guide.
To configure anti-malware, you must first configure the two following settings:
•
Global anti-malware settings. Set object scanning parameters, specify
global settings for URL matching, and control when to block the URL or
allow processing to continue.
global settings for URL matching, and control when to block the URL or
allow processing to continue.
System Monitor
A system monitor encompasses any software that performs one of the following
actions:
actions:
Overtly or covertly records system processes and/or user action.
Makes those records available for retrieval and review at a later time.
Trojan Downloader
A trojan downloader is a Trojan that, after installation, contacts a remote
host/site and installs packages or affiliates from the remote host. These
installations usually occur without the user’s knowledge. Additionally, a Trojan
Downloader’s payload may differ from installation to installation since it
obtains downloading instructions from the remote host/site.
host/site and installs packages or affiliates from the remote host. These
installations usually occur without the user’s knowledge. Additionally, a Trojan
Downloader’s payload may differ from installation to installation since it
obtains downloading instructions from the remote host/site.
Trojan Horse
A trojan horse is a destructive program that masquerades as a benign
application. Unlike viruses, Trojan horses do not replicate themselves.
application. Unlike viruses, Trojan horses do not replicate themselves.
Trojan Phisher
A trojan phisher may sit on an infected computer waiting for a specific web
page to be visited or may scan the infected machine looking for user names and
passwords for bank sites, auction sites, or online payment sites.
page to be visited or may scan the infected machine looking for user names and
passwords for bank sites, auction sites, or online payment sites.
Virus
A virus is a program or piece of code that is loaded onto your computer without
your knowledge and runs against your wishes.
your knowledge and runs against your wishes.
Worm
A worm is program or algorithm that replicates itself over a computer network
and usually performs malicious actions.
and usually performs malicious actions.
Table 4-11
Malware Category Descriptions (continued)
Malware Type
Description