Cisco Cisco Web Security Appliance S170 사용자 가이드

402

I R O N P O R T   A S Y N C O S   6 . 3   F O R   W E B   U S E R   G U I D E  

WE B   S I T E   A C T I V I T Y   PA G E

Use the following pages to monitor high-risk web sites accessed during a specific time range:

• Monitor > Web Site Activity page — This page shows the Web Site Activity report, which 

includes the following information:

• Top five sites by high-risk transactions detected. A high-risk transaction is any 

monitored or blocked transaction.

• Top five sites by malware transactions detected. 

The site details section at the bottom of the page lists all of the sites with high-risk 
transactions. You can use column headings to sort the data and each URL links to the Web 
Site Detail page.

• Web Site Detail page — This page shows the high-risk transactions for the site in a trend 

graph that uses a different color for each type of high-risk transaction. 

The Summary tab shows the same information as the trend graph, but in table format. It 
shows the transactions blocked by URL filtering, transactions blocked by Web Reputation 
Filters, transactions detected by Anti-Malware scanning, other blocked transactions, total 
high-risk transactions, and URL categories of the site. The All tab displays bandwidth 
saved by blocking and includes detail about transactions detected by Anti-Malware 
scanning.

The Other Blocked Transactions column displays transactions blocked by a policy rule. 
This data includes the following conditions:

• File size over limit

• File type not allowed

• User agent not allowed

• Protocol not allowed

• Authentication denied

• Attempted HTTP tunneling (CONNECT) on disabled port

User agents blocked by a policy configuration are recorded as “other blocked 
transactions.” Suspect user agents detected by the Anti-Malware DVS engine are recorded 
as blocked by Anti-Malware scanning.