Cisco Cisco Web Security Appliance S170 사용자 가이드

416

I R O N P O R T A S Y N C O S 6 . 5 F O R W E B U S E R G U I D E

M O N I T O R I N G S Y S T E M A C T I V I T Y

Administrators and executive management require information to better understand evolving
corporate threats. While the Web Security appliance controls the malware threat to a
corporate environment, comprehensive monitoring and reporting tools provide insight to
threats that are monitored or blocked, and display actionable data such as top clients infected
to help you manage the presence of malware.

The chapter introduces you to the monitoring tools you can use to monitor system activity and
help you interpret data specific to each Web Security appliance security component. The
Monitor tab contains a collection of system data and graphical displays for the following types
of information:

• Security Services — Summary displays of transaction data derived from the results of

filtering policies.

• Suspect Transactions Detected — Summary charts that represent the percentages of traffic

that was blocked by S-Series filtering and scanning features.

• Top Sites by Malware — Categorical displays of monitored and blocked transactions to

web sites containing malware.

• High-Risk and Malware Activity — Summary displays of client malware activity and

high-risk web sites.

Note — You can also use appliance reports to monitor appliance activity. For more
information about creating and using reports, see “Reporting” on page 433.