Cisco Cisco Web Security Appliance S170 사용자 가이드
18
I R O N P O R T A S Y N C O S 6 . 5 F O R W E B U S E R G U I D E
Using the Command Line Interface (CLI)
You can establish an SSH or serial console connection to administer the appliance using the
CLI. The Web Security appliance CLI supports a set of commands to access, install, and
administer the system. See “Command Line Interface” on page 547 for information about the
CLI and a list of supported commands that can be used to access, upgrade, and administer the
appliance.
CLI. The Web Security appliance CLI supports a set of commands to access, install, and
administer the system. See “Command Line Interface” on page 547 for information about the
CLI and a list of supported commands that can be used to access, upgrade, and administer the
appliance.
The SenderBase Network
The SenderBase Network is a threat management database that tracks millions of domains
around the world and maintains a global watch list for Internet traffic. SenderBase provides
IronPort with an assessment of reliability for known Internet domains. The Web Security
appliance uses the SenderBase data feeds to improve the accuracy of Web Reputation Scores.
around the world and maintains a global watch list for Internet traffic. SenderBase provides
IronPort with an assessment of reliability for known Internet domains. The Web Security
appliance uses the SenderBase data feeds to improve the accuracy of Web Reputation Scores.
Basic SenderBase Network Participation is enabled by default during system setup. The
appliance supports three levels of participation in the SenderBase Network:
appliance supports three levels of participation in the SenderBase Network:
• Disabled. Participation is disabled and none of the data that the appliance collects is sent
back to the SenderBase Network servers.
• Limited. Basic participation summarizes server name information and sends MD5-hashed
path segments to the SenderBase Network servers.
• Standard. Enhanced participation sends the entire URL with unobfuscated path segments
to the SenderBase Network servers. This option assists in providing a more robust
database, and continually improves the integrity of Web Reputation Scores.
database, and continually improves the integrity of Web Reputation Scores.
To select a level of participation in the SenderBase Network, use the Security Services >
SenderBase page.
SenderBase page.
Sharing Data
Participating in the SenderBase Network means that IronPort collects data and shares that
information with the SenderBase threat management database. This data includes information
about request attributes and how the appliance handles requests.
information with the SenderBase threat management database. This data includes information
about request attributes and how the appliance handles requests.
IronPort recognizes the importance of maintaining your privacy, and does not collect or use
personal or confidential information such as usernames and passwords. Additionally, the file
names and URL attributes that follow the hostname are obfuscated to ensure confidentiality.
When it comes to decrypted HTTPS transactions, the SenderBase Network only receives the
IP address, web reputation score, and URL category of the server name in the certificate.
personal or confidential information such as usernames and passwords. Additionally, the file
names and URL attributes that follow the hostname are obfuscated to ensure confidentiality.
When it comes to decrypted HTTPS transactions, the SenderBase Network only receives the
IP address, web reputation score, and URL category of the server name in the certificate.
If you agree to participate in the SenderBase Network, data sent from your IronPort appliance
is transferred securely using HTTPS. Sharing data improves IronPort’s ability to react to web-
based threats and protect your corporate environment from malicious activity.
is transferred securely using HTTPS. Sharing data improves IronPort’s ability to react to web-
based threats and protect your corporate environment from malicious activity.
Reporting and Logging
The Web Security appliance provides several options for capturing data and monitoring
system activity. For detailed information about scheduling reports, see “Reporting Overview”
on page 434. For more information about working with log files, see “Logging” on page 441.
system activity. For detailed information about scheduling reports, see “Reporting Overview”
on page 434. For more information about working with log files, see “Logging” on page 441.