Cisco Cisco Web Security Appliance S370 사용자 가이드

If you will use a Cisco AMP Threat Grid Appliance as a private cloud file analysis server, see 

. 

Select Security Services > Anti-Malware and Reputation . 

Click Edit Global Settings. 

In the Advanced Malware Protection Services section, select Enable File Reputation Filtering. 

Accept the license agreement if presented.

In the Advanced Malware Protection Services section, select Enable File Analysis. 

In the File Analysis section, select the file types to send to the cloud for analysis.

Adjust the following Advanced Settings for File Reputation as needed:

Do not change any other settings in this section without guidance from Cisco support. 

If you will use the cloud service for file analysis: 

Select Advanced Settings for File Analysis. 

Choose the cloud server that is physically nearest to your  Web Security appliances. 

Newly available servers will be added to this list periodically using standard update processes. 

If you will use an on-premises Cisco AMP Threat Grid appliance for file analysis: 

Configure Advanced Settings for File Analysis: 

Routing Table

The routing table (associated with an appliance network 
interface type, either Management or Data) to be used for 
Advanced Malware Protection services. If the appliance 
has both the Management interface and one or more Data 
interfaces enabled, you can select Management or Data.

SSL Communication for File Reputation

Check Use SSL (Port 443) to communicate on port 443 
instead of the default port, 32137.

This option also allows you to configure an upstream proxy 
for communication with the file reputation service.

SSL communication over port 32137 may require 
you to open that port in your firewall.

Reputation Threshold

Use value from Cloud Service

Enter custom value

The upper limit for acceptable file reputation scores. 
Scores above this threshold indicate the file is infected.