Cisco Cisco Web Security Appliance S170 사용자 가이드

The Web Proxy and the L4 Traffic Monitor are independent services. They are enabled and configured 
separately to provide the highest level of protection against a broad range of web-based malware threats.

The Web Proxy and L4 Traffic Monitor use data that is stored in filtering tables to evaluate and match 
URL request attributes such as domain names, and IP address path segments with locally maintained 
database records. If a match occurs, Access Policy settings determine an action to block or monitor the 
traffic. If no match occurs, processing continues. 

The Web Security appliance Web Proxy supports the following security features:

Policy groups — Policy groups allow administrators to create groups of users and apply different 
levels of category-based access control to each group.

URL Filtering Categories — You can configure how the appliance handles each web transaction 
based on the URL category of a particular HTTP request.

Applications — The Application Visibility and Control engine (AVC engine) enables administrators 
to apply deeper controls to particular application types.

Web Reputation Filters — Reputation filters analyze web server behavior and characteristics to 
identify suspicious activity and protect against URL-based malware threats. 

Anti-Malware Services — The Cisco IronPort DVS™ engine in combination with the Webroot™ 
and McAfee scanning engines identify and stop a broad range of web-based malware threats.

For detailed information about Web Proxy services, see 

.

The L4 Traffic Monitor is a configurable service that listens and monitors network ports for rogue 
activity and blocks malware attempts to infect your corporate network. Additionally, the L4 Traffic 
Monitor detects infected clients and stops malicious activity from going outside the corporate network.