Overview of Scanning Outbound Traffic
To prevent malicious data from leaving the network, the Web Security Appliance provides the Outbound Malware Scanning feature. Using policy groups, you can define which uploads are scanned for malware, which anti-malware scanning engines to use for scanning, and which malware types to block.
The Cisco Dynamic Vectoring and Streaming (DVS) engine scans transaction requests as they leave the network. By working with the Cisco DVS engine, the Web Security Appliance enables you to prevent users from unintentionally uploading malicious data.
You can perform the following tasks:
Task |
Link to Task |
---|---|
Create policies to block malware |
|
Assign upload requests to outbound malware policy groups |
User Experience When Requests Are Blocked by the DVS Engine
When the Cisco DVS engine blocks an upload request, the Web Proxy sends a block page to the end user. However, not all Websites display the block page to the end user. Some Web 2.0 Websites display dynamic content using Javascript instead of a static Webpage and are not likely to display the block page. Users are still properly blocked from uploading malicious data, but they may not always be informed of this by the Website.