Руководство Пользователя для Cisco Cisco Web Security Appliance S170
C H A P T E R
2-1
Cisco IronPort AsyncOS 7.7 for Web User Guide
2
Using the Web Security Appliance
•
•
•
•
•
Understanding How the Web Security Appliance Works
The Web Proxy and the L4 Traffic Monitor are independent services. They are enabled and configured
separately to provide the highest level of protection against a broad range of web-based malware threats.
separately to provide the highest level of protection against a broad range of web-based malware threats.
The Web Proxy and L4 Traffic Monitor use data that is stored in filtering tables to evaluate and match
URL request attributes such as domain names, and IP address path segments with locally maintained
database records. If a match occurs, Access Policy settings determine an action to block or monitor the
traffic. If no match occurs, processing continues.
URL request attributes such as domain names, and IP address path segments with locally maintained
database records. If a match occurs, Access Policy settings determine an action to block or monitor the
traffic. If no match occurs, processing continues.
Web Proxy
The Web Security appliance Web Proxy supports the following security features:
•
Policy groups — Policy groups allow administrators to create groups of users and apply different
levels of category-based access control to each group.
levels of category-based access control to each group.
•
URL Filtering Categories — You can configure how the appliance handles each web transaction
based on the URL category of a particular HTTP request.
based on the URL category of a particular HTTP request.
•
Applications — The Application Visibility and Control engine (AVC engine) enables administrators
to apply deeper controls to particular application types.
to apply deeper controls to particular application types.
•
Web Reputation Filters — Reputation filters analyze web server behavior and characteristics to
identify suspicious activity and protect against URL-based malware threats.
identify suspicious activity and protect against URL-based malware threats.
•
Anti-Malware Services — The Cisco IronPort DVS™ engine in combination with the Webroot™
and McAfee scanning engines identify and stop a broad range of web-based malware threats.
and McAfee scanning engines identify and stop a broad range of web-based malware threats.
For detailed information about Web Proxy services, see
.