Руководство Пользователя для Cisco Cisco Web Security Appliance S170
20-4
AsyncOS 9.1.1 for Cisco Web Security Appliances User Guide
Chapter 20 Detecting Rogue Traffic on Non-Standard Ports
Viewing L4 Traffic Monitor Activity
Note
Adding internal IP addresses to the Additional Suspected Malware Addresses list causes
legitimate destination URLs to show up as malware in L4 Traffic Monitor reports. To avoid
this do not enter internal IP addresses in the “Additional Suspected Malware Addresses”
field on the Web Security Manager > L4 Traffic Monitor Policies page.
legitimate destination URLs to show up as malware in L4 Traffic Monitor reports. To avoid
this do not enter internal IP addresses in the “Additional Suspected Malware Addresses”
field on the Web Security Manager > L4 Traffic Monitor Policies page.
Step 4
Submit and Commit Changes.
Related Topics
•
•
Valid Formats
When you add addresses to the Allow List or Additional Suspected Malware Addresses properties,
separate multiple entries with whitespace or commas. You can enter addresses in any of the following
formats:
separate multiple entries with whitespace or commas. You can enter addresses in any of the following
formats:
•
IPv4 IP address. Example: IPv4 format: 10.1.1.0. IPv6 format: 2002:4559:1FE2::4559:1FE2
•
CIDR address. Example: 10.1.1.0/24.
•
Domain name. Example: example.com.
•
Hostname. Example: crm.example.com.
Viewing L4 Traffic Monitor Activity
The S-Series appliance supports several options for generating feature specific reports and interactive
displays of summary statistics.
displays of summary statistics.
Monitoring Activity and Viewing Summary Statistics
The Reporting > L4 Traffic Monitor page provides statistical summaries of monitoring activity. You
can use the following displays and reporting tools to view the results of L4 Traffic Monitor activity:
can use the following displays and reporting tools to view the results of L4 Traffic Monitor activity:
To view...
See...
Client statistics
Reporting > Client Activity
Malware statistics
Port statistics
Reporting > L4 Traffic Monitor
L4 Traffic Monitor log files
System Administration > Log Subscriptions
•
trafmon_errlogs
•
trafmonlogs