Руководство Пользователя для Cisco Cisco Content Security Management Appliance M160
5-42
AsyncOS 8.1 for Cisco Content Security Management User Guide
Chapter 5 Using Centralized Web Reporting and Tracking
From the Web Reputation Filters page, you can view the following information:
Tip
To customize your view of this report, see
.
Adjusting Web Reputation Settings
Based on your report results, you may want to adjust the configured web reputation settings, for example
adjust the threshold scores or enable or disable Adaptive Scanning. For specific information about
configuring web reputation settings, see the user guide for your version of Cisco IronPort AsyncOS for
Web Security.
adjust the threshold scores or enable or disable Adaptive Scanning. For specific information about
configuring web reputation settings, see the user guide for your version of Cisco IronPort AsyncOS for
Web Security.
L4 Traffic Monitor Report
The Web > Reporting> L4 Traffic Monitor page displays information about malware ports and
malware sites that the L4 Traffic Monitors on your Web Security appliances have detected during the
specified time range. It also displays IP addresses of clients that frequently encounter malware sites.
malware sites that the L4 Traffic Monitors on your Web Security appliances have detected during the
specified time range. It also displays IP addresses of clients that frequently encounter malware sites.
The L4 Traffic Monitor listens to network traffic that comes in over all ports on each Web Security
appliance and matches domain names and IP addresses against entries in its own database tables to
determine whether to allow incoming and outgoing traffic.
appliance and matches domain names and IP addresses against entries in its own database tables to
determine whether to allow incoming and outgoing traffic.
Table 5-12
Details on the Web > Reporting > Web Reputation Filters Page
Section
Description
Time Range (drop-down list)
A drop-down list that can range from a day to 90 days or a custom
range. For more information on time ranges and customizing this
for your needs, see the
range. For more information on time ranges and customizing this
for your needs, see the
.
Web Reputation Actions (Trend)
This section, in graph format, displays the total number of web
reputation actions (vertical) against the time specified (horizontal
timeline). From this you can see potential trends over time for
web reputation actions.
reputation actions (vertical) against the time specified (horizontal
timeline). From this you can see potential trends over time for
web reputation actions.
Web Reputation Actions (Volume)
This section displays the web reputation action volume in
percentages by transactions.
percentages by transactions.
Web Reputation Threat Types by
Blocked Transactions
Blocked Transactions
This section displays the Web Reputation type that has been
blocked.
blocked.
Web Reputation Threat Types by
Scanned Further Transactions
Scanned Further Transactions
If Adaptive Scanning is enabled, this section displays the number
of potentially threatening transactions caught.
of potentially threatening transactions caught.
If Adaptive Scanning is not enabled, this section displays the Web
Reputation type that has been blocked and due to this action,
needs to be scanned further. If the result of Web Reputation
filtering is to ‘Scan Further’, the transaction is passed to the
Anti-Malware tool for additional scanning.
Reputation type that has been blocked and due to this action,
needs to be scanned further. If the result of Web Reputation
filtering is to ‘Scan Further’, the transaction is passed to the
Anti-Malware tool for additional scanning.
Web Reputation Actions
(Breakdown by Score)
If Adaptive Scanning is not enabled, this interactive table
displays the Web Reputation scores broken down for each action.
displays the Web Reputation scores broken down for each action.