Cisco Cisco Web Security Appliance S170 Guia Do Utilizador

 

If the file is sent for analysis: 

If the file is sent to the cloud for analysis: Files are sent over HTTPS. 

Analysis normally takes minutes, but may take longer. 

A file that is flagged as malicious after File Analysis may not be identified as malicious by the 
reputation service. File reputation is determined by a variety of factors over time, not necessarily by 
a single file analysis verdict. 

Results for files analyzed using an on premises Cisco AMP Threat Grid appliance are cached locally. 

For information about verdict updates, see 

.

The reputation service evaluates most file types. File type identification is determined by file content and 
is not dependent on the filename extension. 

Some files with unknown reputation can be analyzed for threat characteristics. When you configure the 
file analysis feature, you choose which file types are analyzed. New types can be added dynamically; 
you will receive an alert when the list of uploadable file types changes, and can select added file types 
to upload. 

Details about what files are supported by the reputation and analysis services are available only to 
registered Cisco customers. For information about which files are evaluated and analyzed, see File 
Criteria for Advanced Malware Protection Services for Cisco Content Security Products, available from 

. 

The criteria for evaluating a file’s reputation and for sending files for analysis may change at any time.

In order to access this document, you must have a Cisco customer account with a support contract. To 
register, visit

Your setting for DVS Engine Object Scanning Limits on the Security Services > Anti-Malware and 
Reputation page also determines the maximum file size for file reputation and analysis.