Cisco Cisco Web Security Appliance S170 사용자 가이드
14-11
AsyncOS 10.0 for Cisco Web Security Appliances User Guide
Chapter 14 File Reputation Filtering and File Analysis
Configuring File Reputation and Analysis Features
Step 9
If you are using an on-premises Cisco AMP Threat Grid appliance, activate the account for this appliance
on the AMP Threat Grid appliance.
on the AMP Threat Grid appliance.
Complete instructions for activating the “user” account are available in the AMP Threat Grid
documentation.
documentation.
a.
Note the File Analysis Client ID that appears at the bottom of the section. This identifies the “user”
that you will activate.
that you will activate.
b.
Sign in to the AMP Threat Grid appliance.
c.
Select Welcome... > Manage Users and navigate to User Details.
d.
Locate the “user” account based on the File Analysis Client ID of your Web Security appliance.
e.
Activate this “user” account for your appliance.
(Public Cloud File Analysis Services Only) Configuring Appliance Groups
In order to allow all content security appliances in your organization to view file analysis result details
in the cloud for files sent for analysis from any appliance in your organization, you need to join all
appliances to the same appliance group.
in the cloud for files sent for analysis from any appliance in your organization, you need to join all
appliances to the same appliance group.
Step 1
Select Security Services > Anti-Malware and Reputation .
Step 2
In the Appliance Grouping for File Analysis Cloud Reporting section, provide the File Analysis Cloud
Reporting Group ID.
Reporting Group ID.
•
If this is the first appliance being added to the group, provide a useful identifier for the group.
•
This ID is case-sensitive, and cannot contain spaces.
•
The ID you provide must be identical on all appliances that will share data about files that are
uploaded for analysis. However, the ID is not validated on subsequent group appliances.
uploaded for analysis. However, the ID is not validated on subsequent group appliances.
•
If you enter the Group ID incorrectly or need to change it for any other reason, you must open a case
with Cisco TAC.
with Cisco TAC.
•
This change takes effect immediately; it does not require a Commit.
•
All appliances in the group must be configured to use the same File Analysis server in the cloud.
•
An appliance can belong to only one group.
•
You can add a machine to a group at any time, but you can do it only once.
Step 3
Click Add Appliance to Group.
Which Appliances Are In the Analysis Group?
Step 1
Select Security Services > Anti-Malware and Reputation .
Step 2
In the Appliance Grouping for File Analysis Cloud Reporting section, click View Appliances in Group.
Step 3
To view the File Analysis Client ID of a particular appliance, look in the following location: