Cisco Cisco Web Security Appliance S160 Guia Do Utilizador
1-4
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 1 Getting Started with the Web Security Appliance
What’s New in This Release
Enhanced:
Native FTP
Proxy
Proxy
AsyncOS for Web 7.5 includes several enhancements to native FTP functionality.
•
You can use spaces and the @ character in FTP user names and passwords.
However, you must precede these characters with a backslash character (\).
[Defect IDs: 52183 and 55380]
However, you must precede these characters with a backslash character (\).
[Defect IDs: 52183 and 55380]
•
FTP clients can specify any TCP port for the control connection as long as they
use proper formatting (hostname:port). [Defect ID: 55044]
use proper formatting (hostname:port). [Defect ID: 55044]
•
Regardless of which mode the FTP client uses to connect to the FTP Proxy, the
FTP Proxy first attempts to use passive mode to connect to the FTP server.
However, if the FTP server does not allow passive mode, the FTP Proxy uses
active mode. [Defect ID: 51308]
FTP Proxy first attempts to use passive mode to connect to the FTP server.
However, if the FTP server does not allow passive mode, the FTP Proxy uses
active mode. [Defect ID: 51308]
•
The FTP notification message defined on the appliance is displayed to native
FTP clients when the FTP Proxy cannot establish a connection with the FTP
server for any reason, such as an error with FTP Proxy authentication or a bad
reputation for the server domain name. Previously, it was only displayed when
there was an error with FTP Proxy authentication.
FTP clients when the FTP Proxy cannot establish a connection with the FTP
server for any reason, such as an error with FTP Proxy authentication or a bad
reputation for the server domain name. Previously, it was only displayed when
there was an error with FTP Proxy authentication.
•
Access logs now include entries for when users first start a native FTP session.
Search the access log file for “FTP_CONNECT” (explicit forward
connections) and “FTP_TUNNEL” (transparent connections).
Search the access log file for “FTP_CONNECT” (explicit forward
connections) and “FTP_TUNNEL” (transparent connections).
•
The following FTP commands are now supported:
–
XMKD, XRMD, XPWD, XCUP [Defect ID: 67985]
–
REST, APPE [Defect ID: 70135]
–
STOU
•
The ports defined for the Active Mode Data Port Range now apply to FTP over
HTTP transactions as well as native FTP transactions.
HTTP transactions as well as native FTP transactions.
•
The FTP Proxy now supports Trivial Virtual File Store (TVFS) FTP
extensions.
extensions.
Enhanced:
L4 Traffic
Monitor
Reporting and
Tracking
Monitor
Reporting and
Tracking
In AsyncOS for Web 7.5, enhancements have been made to the L4 Traffic Monitor
report to improve your ability to determine whether blocking a site or a port is the
more effective solution to a particular malware problem, or whether to take action
specific to a particular client IP address that is at unusually high risk.
report to improve your ability to determine whether blocking a site or a port is the
more effective solution to a particular malware problem, or whether to take action
specific to a particular client IP address that is at unusually high risk.
•
You can view a list of top client IP addresses accessing malware sites, and filter
these results by port.
these results by port.
•
You can filter top malware sites by port.
•
You can click the data in a table in the report to view details for a suspect site,
port, or client IP address.
port, or client IP address.
•
You can perform multi-dimensional searches for malware risk areas, for
example by hostname and port.
example by hostname and port.
For more information, see
.
Table 1-1
New Features for AsyncOS 7.7 for Web (continued)
Feature
Description