Cisco Cisco Web Security Appliance S170 사용자 가이드

If the L4 Traffic Monitor is configured to block, the L4 Traffic Monitor and the Web Proxy must 
be configured on the same network. Use the Network > Routes page to confirm that all clients 
are accessible on routes that are configured for data traffic.

Submit and commit your changes.

When you add addresses to the Allow List or Additional Suspected Malware Addresses properties, 
separate multiple entries with whitespace or commas. You can enter addresses in any of the following 
formats:

IP address. For example, 10.1.1.0.

CIDR address. For example, 10.1.1.0/24.

Domain name. For example, example.com. Entering a domain name such as example.com will also 
match www.example.com and hostname.example.com.

Hostname. For example, crm.example.com.

The S-Series appliance supports several options for generating feature specific reports and interactive 
displays of summary statistics. 

Additional 
Suspected Malware 
Addresses 
(optional)

Enter zero or more known addresses that the L4 Traffic Monitor should consider 
as a possible malware. For a list of valid address formats you can use, see 

.

If you choose to block suspected malware addresses, the L4 Traffic Monitor will 
either block or monitor these addresses depending on whether it determines them 
to be known malware addresses or ambiguous addresses. For definitions of 
ambiguous and known malware addresses, see 

.

If you choose to monitor suspected malware addresses, it will monitor these 
addresses.

Adding internal IP addresses to the Additional Suspected Malware 
Addresses list causes legitimate destination URLs to show up as malware 
in L4 Traffic Monitor reports. To avoid this type of erroneous reporting, 
do not enter internal IP addresses in the “Additional Suspected Malware 
Addresses” field on the Web Security Manager > L4 Traffic Monitor 
Policies page.