Manualshelf

User Guide

ManualsBrandsCisco Manualsantivirus security softwareCisco Email Security Appliance C680
381382383384385386387388389390
15-3
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 15 URL Filtering
Setting Up URL Filtering
Step 2 Click Enable.
Step 3 Select the Enable URL Category and Reputation Filters check box.
Step 4 (Optional) If you have created a list of URLs to exempt from URL filtering when evaluating messages
for spam and malware, and from all content and message filtering, select that list.
This setting does not cause the message to bypass anti-spam or Outbreak Filters processing generally.
Step 5 Submit and commit your changes.
If you have met the applicable prerequisites, and you have already configured Outbreak Filters and
Anti-Spam protection, then you do not need to make additional configurations to benefit from enhanced
automatic detection of spam and malicious URLs.
What To Do Next
To take action based on the reputation of URLs in messages, see Taking Action Based on the
Reputation or Category of URLs in Messages, page 15-7.
To use URL categories in content and message filters, for example to enforce acceptable use
policies, see Taking Action Based on the Reputation or Category of URLs in Messages, page 15-7.
To redirect all URLs in suspected spam messages to the Cisco Web Security proxy service, see Using
Custom Headers to Redirect URLs in Suspected Spam to the Cisco Web Security Proxy:
Configuration Example, page 13-11.
(Optional) To customize the appearance of end user notification page, see Customizing the
Appearance of End User Notification Page, page 15-6.
Ensure that you receive alerts about issues related to this feature. See Future URL Category Set
Changes, page 15-22, the release notes for your AsyncOS release, and Adding Alert Recipients,
page 33-36.
About the Connection to Cisco Web Security Services
URL reputation and category are provided by cloud-based Cisco Web Security Services.
The Email Security appliance connects to the Cisco Web Security Services either directly or through a
web proxy, using the port specified for URL filtering services in Appendix D, “Firewall Information.
Communication is over HTTPS with mutual certificate authentication. Certificates are updated
automatically (see Service Updates, page 33-17.) For additional information about required certificates,
see the Release Notes available from the location specified in Certificates for URL Filtering Features,
page 15-4.
If an HTTP or HTTPS proxy has been configured on the Security Services > Service Updates page, the
Email Security appliance will use it when communicating with Cisco Web Security Services. For more
information about using a proxy server, see Configuring Server Settings for Downloading Upgrades and
Updates, page 33-21.
In FIPS mode, communications with the Cisco Web Security Services uses FIPS ciphers.
Note Certificates are not saved with a configuration file.
Related Topics
Certificates for URL Filtering Features, page 15-4