Cisco Cisco Web Security Appliance S370 Guia Do Utilizador

Advanced Malware Protection protects against zero-day and targeted file-based threats by: 

Obtaining the reputation of known files. 

Analyzing behavior of certain files that are not yet known to the reputation service. 

Continuously evaluating emerging threats as new information becomes available, and notifying you 
about files that are determined to be threats after they have entered your network. 

These features are available only for file downloads. Uploaded files are not evaluated. 

The file reputation service and the file analysis service are available as either public-cloud or 
private-cloud (on-premises) services. 

The private-cloud file reputation service is provided by Cisco AMP Virtual Private Cloud appliance, 
operating in either “proxy” or “air-gap” (on-premises) mode. See 

.

The private-cloud file analysis service is provided by an on-premises Cisco AMP Threat Grid 
appliance. See 

Threat verdicts can change as new information emerges. A file may initially be evaluated as unknown or 
clean, and the user may thus be allowed to access the file. If the threat verdict changes as new information 
becomes available, you will be alerted, and the file and its new verdict appear in the AMP Verdict Updates 
report. You can investigate the point-of-entry transaction as a starting point to remediating any impacts of the 
threat. 

Verdicts can also change from malicious to clean.