Cisco Cisco Web Security Appliance S690 사용자 가이드
14-7
AsyncOS 10.0 for Cisco Web Security Appliances User Guide
Chapter 14 File Reputation Filtering and File Analysis
Configuring File Reputation and Analysis Features
•
Set up and configure the Cisco AMP Virtual Private Cloud appliance in either “proxy” or “air-gap”
(on-premises) mode.
(on-premises) mode.
•
Ensure the Cisco AMP Virtual Private Cloud appliance software version is 2.2, which enables
integration with Cisco Web Security appliances.
integration with Cisco Web Security appliances.
•
Ensure that your appliances can communicate with each other over your network.
•
Download the AMP Virtual Private Cloud certificate and keys on that appliance for upload to this
Web Security appliance.
Web Security appliance.
Note
After you have set up the on-premises file-reputation server, you will configure connection to it from
this Web Security appliance; see
this Web Security appliance; see
Configuring an On-premises File Analysis Server
If you will use a Cisco AMP Threat Grid appliance as a private-cloud file analysis server:
•
You can obtain the Cisco AMP Threat Grid Appliance Setup and Configuration Guide and the
Cisco AMP Threat Grid Appliance Administration Guide. Cisco AMP Threat Grid Appliance
documentation from
Cisco AMP Threat Grid Appliance Administration Guide. Cisco AMP Threat Grid Appliance
documentation from
Use that documentation to perform the tasks described in this topic.
Additional documentation is available from the Help link in the AMP Threat Grid appliance.
In the Administration Guide, search for information about all of the following: integrations with
other Cisco appliances, CSA, Cisco Sandbox API, WSA, and Web Security Appliances.
other Cisco appliances, CSA, Cisco Sandbox API, WSA, and Web Security Appliances.
•
Set up and configure the Cisco AMP Threat Grid Appliance.
•
If necessary, update your Cisco AMP Threat Grid Appliance software to version 1.2.1, which
supports integration with Cisco Web Security appliances.
supports integration with Cisco Web Security appliances.
See the AMP Thread Grid documentation for instructions for determining the version number and
for performing the update.
for performing the update.
•
Ensure that your appliances can communicate with each other over your network. Cisco Web
Security appliances must be able to connect to the CLEAN interface of the AMP Threat Grid
appliance.
Security appliances must be able to connect to the CLEAN interface of the AMP Threat Grid
appliance.
•
If you will deploy a self-signed certificate: Generate a self-signed SSL certificate from the Cisco
AMP Threat Grid appliance to be used on your Web Security appliance. See instructions for
downloading SSL certificates and keys in the administrator’s guide for your AMP Threat Grid
appliance. Be sure to generate a certificate that has the host name of your AMP Threat Grid
appliance as CN. The default certificate from the AMP Threat Grid appliance does NOT work.
AMP Threat Grid appliance to be used on your Web Security appliance. See instructions for
downloading SSL certificates and keys in the administrator’s guide for your AMP Threat Grid
appliance. Be sure to generate a certificate that has the host name of your AMP Threat Grid
appliance as CN. The default certificate from the AMP Threat Grid appliance does NOT work.
•
Registration of your Web Security appliance with your Threat Grid appliance occurs automatically
when you submit the configuration for File Analysis, as described in
when you submit the configuration for File Analysis, as described in
. However, you must activate the registration as
described in the same procedure.