spyware - cisco€¦ · spyware •overview,onpage1...

of 2/2
Spyware Overview, on page 1 Allowing Applications Classified as Potentially Unwanted, on page 1 Excluding Websites from Web Reputation Filtering, on page 2 Overview Cisco Cloud Web Security provides protection from spyware and web viruses. Cisco ScanCenter enables you to create approved lists of applications that will bypass spyware filtering and websites that will bypass web reputation filtering. By default, all incoming adware, spyware, and potentially unwanted applications (PUAs) are blocked. If, for some reason, an administrator requires a specific PUA to be permitted, it can be selected in an approved list. All PUAs are registered in the approved list when a download request is received. All truly malicious code, such as viruses, worms, Trojans, back-doors, and key loggers are automatically blocked. Similarly, all known phishing exploits are automatically blocked by Cisco Cloud Web Security. The approved list applies to “grayware” which typically includes applications that hijack web browsing activities, redirect users to sponsored sites, monitor non-confidential browsing habits, create unwanted pop-up adverts, and so on. Allowing Applications Classified as Potentially Unwanted With the spyware allowed list you can allow applications that Cisco has classified as potentially unwanted. Procedure Step 1 Click the Spyware tab. Step 2 In the Whitelists menu, click Spyware to display the Spyware page. Step 3 Select the check boxes of the spyware to allow. You can enter part or all of the name of a spyware application in the Search box to find a spyware application. Step 4 Click Submit to apply your changes. Alternatively, navigate away from the page to abandon your changes. Spyware 1

Post on 30-Apr-2020

6 views

Category:

Documents

0 download

Embed Size (px)

TRANSCRIPT

  • Spyware

    • Overview, on page 1• Allowing Applications Classified as Potentially Unwanted, on page 1• Excluding Websites from Web Reputation Filtering, on page 2

    OverviewCisco Cloud Web Security provides protection from spyware and web viruses.

    Cisco ScanCenter enables you to create approved lists of applications that will bypass spyware filtering andwebsites that will bypass web reputation filtering. By default, all incoming adware, spyware, and potentiallyunwanted applications (PUAs) are blocked. If, for some reason, an administrator requires a specific PUA tobe permitted, it can be selected in an approved list. All PUAs are registered in the approved list when adownload request is received.

    All truly malicious code, such as viruses, worms, Trojans, back-doors, and key loggers are automaticallyblocked. Similarly, all known phishing exploits are automatically blocked by Cisco Cloud Web Security. Theapproved list applies to “grayware” which typically includes applications that hijack web browsing activities,redirect users to sponsored sites, monitor non-confidential browsing habits, create unwanted pop-up adverts,and so on.

    Allowing Applications Classified as Potentially UnwantedWith the spyware allowed list you can allow applications that Cisco has classified as potentially unwanted.

    Procedure

    Step 1 Click the Spyware tab.Step 2 In theWhitelists menu, click Spyware to display the Spyware page.Step 3 Select the check boxes of the spyware to allow. You can enter part or all of the name of a spyware application

    in the Search box to find a spyware application.Step 4 Click Submit to apply your changes. Alternatively, navigate away from the page to abandon your changes.

    Spyware1

  • Password Protected ArchivesCisco Cloud Web Security scans the files inside archives, such as zip files, for malware. However, it cannotscan password-protected (encrypted) archives. Because these archives could containmalware, they are classifiedas PUAs. However, you can enable users to access these files by selecting the Protected Archive check boxin the Approved List.

    Enabling access to protected archives will globally allow all users to access these archives, which may containPUAs.

    Caution

    Excluding Websites from Web Reputation FilteringBy default, Cisco Cloud Web Security blocks websites with a poor Web reputation score. You can preventspecific websites from being blocked by adding them to an allowed list. You can add a maximum of 1000websites to the list.

    Procedure

    Step 1 Click the Spyware tab.Step 2 In theWhitelist menu, clickWeb Reputation to display theWeb Reputation page.Step 3 Enter the required URL in the URL field. The URL can be a maximum of 256 characters in length.Step 4 Click Add URL.

    What to do next

    You can click Check Reputation to open the SenderBase page for the website.

    To remove a website from the allowed list, enter part or all of the URL in the Search box. Select the checkbox then click Remove.

    Spyware2

    SpywarePassword Protected Archives

    SpywareOverviewAllowing Applications Classified as Potentially UnwantedPassword Protected Archives

    Excluding Websites from Web Reputation Filtering