Cisco Cisco Web Security Appliance S170 사용자 가이드
C L I E N T S P A G E S
C H A P T E R 1 8 : M O N I T O R I N G
401
C L I E N T S PA G E S
You can use the following pages to monitor client activity:
• Monitor > Clients > Web Activity page — This page shows the Client Web Activity report,
which includes the following information:
• Top clients by total web transactions
• Top clients by blocked web transactions
The client details table provides additional details including, bandwidth usage and the
amount of bandwidth saved by blocking.
amount of bandwidth saved by blocking.
The user ID’s and client IP addresses are interactive and link to a Client Detail page that
provides information respective to each client.
provides information respective to each client.
• Monitor > Clients > Malware Risk page — This page shows the Client Malware Risk
report, which includes the following information:
• Web Proxy top clients by malware risk (number of transactions)
• L4 Traffic Monitor top clients by malware risk (number of connections)
The client details at the bottom of the page display the same data as the graphs, but for all
clients and in table format. In addition, the All tab for Web Proxy transactions provides
information about the bandwidth that was saved by blocking, and it shows how many
monitored and blocked malware transactions were detected at request time or detected at
response time.
clients and in table format. In addition, the All tab for Web Proxy transactions provides
information about the bandwidth that was saved by blocking, and it shows how many
monitored and blocked malware transactions were detected at request time or detected at
response time.
The user ID’s and client IP addresses are interactive and link to a Client Detail page that
provides detailed information respective to each client.
provides detailed information respective to each client.
• Client Detail page — This page shows all the web activity and malware risk data for a
particular client during the specified time range. It includes the following information:
• Completed and blocked web transactions
• Web Proxy monitored and blocked malware transactions
• L4 Traffic Monitor malware connections
• URL categories matched
• Malware threats detected
• Suspect user agents detected
Note — The client reports sometimes show a user with an asterisk (*) at the end of the user
name. For example, the Client Web Activity report might show an entry for both “jsmith” and
“jsmith*”. User names listed with an asterisk (*) indicate the user name provided by the user,
but not confirmed by the authentication server. This happens when the authentication server
was not available at the time and the appliance is configured to permit traffic when
authentication service is unavailable.
name. For example, the Client Web Activity report might show an entry for both “jsmith” and
“jsmith*”. User names listed with an asterisk (*) indicate the user name provided by the user,
but not confirmed by the authentication server. This happens when the authentication server
was not available at the time and the appliance is configured to permit traffic when
authentication service is unavailable.