Cisco Cisco Web Security Appliance S170 사용자 가이드
164
I R O N P O R T A S Y N C O S 6 . 3 F O R W E B U S E R G U I D E
This is not a comprehensive list, as signatures change occasionally, and new applications are
developed. You can find additional signatures at various websites, including the following
websites:
developed. You can find additional signatures at various websites, including the following
websites:
• http://www.user-agents.org/
• http://www.useragentstring.com/pages/useragentstring.php
• http://www.infosyssec.com/infosyssec/security/useragentstrings.shtml
Note — IronPort Systems does not maintain, verify, or support the user agent listings at any of
these websites.
these websites.
Policy: URL Categories
You can specify categories of URLs to block, including the predefined “Chat” and “Peer-to-
Peer” categories. You can also add specific custom URL categories should you want to add a
URL that is not already included in the predefined categories. You may then add the custom
category to the list of blocked URLs.
Peer” categories. You can also add specific custom URL categories should you want to add a
URL that is not already included in the predefined categories. You may then add the custom
category to the list of blocked URLs.
For more information about using URL Categories, see “URL Categories” on page 159.
Policy: Objects
You can block some Peer-to-Peer files directly, via the Access Policies: Objects: Global Policy
page.
page.
On the Web Security Manager > Access Policies page, click on the value in the Objects
column for the desired policy.
column for the desired policy.
In the Block Object Type section, check any boxes in the P2P Metafiles group. You can add
custom MIME (Multipurpose Internet Mail Extensions) types by entering them in the Custom
MIME Types field. For example, entering the
custom MIME (Multipurpose Internet Mail Extensions) types by entering them in the Custom
MIME Types field. For example, entering the
application/x-zip
signature blocks ZIP
archive files.
Blocking on Ports Other Than 80
If these applications are using ports other than 80, you may want to block access to a specific
server or block of IP addresses to which the client must connect. To manage these
applications on other ports, use the L4 Traffic Monitor. The L4 Traffic monitor allows you to
server or block of IP addresses to which the client must connect. To manage these
applications on other ports, use the L4 Traffic Monitor. The L4 Traffic monitor allows you to
Trillian
Request headers
User-Agent
Trillian/
Windows Messenger
Request headers
User-Agent
MSMSGS
Yahoo Messenger
Request headers
Host
msg.yahoo.com
Yahoo Messenger
Request headers
User-Agent
ymsgr
Table 8-2Common Application Agent Patterns (Continued)
Application
Search in Setting
HTTP header
Signature