CSA 5.1(Untrusted Content Classification Module)

Hi Experts,
I am running CSA in my Pilot and its kind of stable now and working Fine.I need to know one thing I hv disabled "Untrusted Content Classification Module" from the Application classification Policy which is part of All Windows Group.I hv disable this module bcoz there will be more than 1000 applications runing in my org. and more new applications will be added which cant be tested in my Test Lab.
I want to know the level of security tht i hv compromised by disabling this module on my CSA.

None, it just monitors apps and classifies them based on the rules. Kind of like the Kernel protection rules. It can also be useful in Application Investigation.
You should test with real stations outside your lab if possible but you don't need this rule to do it.

Similar Messages

  • Content Conversion module in JMS Adapter - MessageTransformBean

    Hi All,
    We are using Content Conversion module using MessageTransformBean in JMS adapter to read a flat file from MQ Queue.It works fine and the file is getting picked and successfully converted into a xml structure in XI.
    The flat file is multiple line file with each line as one xml record.But the xml structure after conversion has only one record in it.So we end up getting multiple messages each with one record instead of ONE xml structure with multiple records in it.
    Could I know why I am not getting multiple records in one xml structure as expected.
    Do I need to change  xml.structureTitle as  MyTitle,* or should I put something endSeparator like we do in File Content Conversion.
    Any Help appreciated.
    Thanks,
    V
    Edited by: CollinsV on Aug 9, 2010 6:28 AM
    Edited by: CollinsV on Aug 9, 2010 6:36 AM
    Edited by: CollinsV on Aug 9, 2010 6:38 AM
    Edited by: CollinsV on Aug 9, 2010 6:39 AM
    Edited by: CollinsV on Aug 9, 2010 6:56 AM

    Thanks Shabarish .I did follow the same document , but the xml is not converted as multiple records in it .we are getting only one xml message for each record in the file .
    The xml structure we are getting :
    <ns:MyDocument xmlns:ns="http://xi.com/test">
    <MyTitle>
    <field-name1>111</field-name1>
    <field-name2>222</field-name2>
    <field-name3>333</field-name3>
    </MyTitle>
    </ns:MyDocument>
    We need onle one xml message instead as below.
    <ns:MyDocument xmlns:ns="http://xi.com/test">
    <MyTitle>
    <field-name1>AAA</field-name1>
    <field-name2>BBB</field-name2>
    <field-name3>CCC</field-name3>
    </MyTitle>
    <MyTitle>
    <field-name1>111</field-name1>
    <field-name2>222</field-name2>
    <field-name3>333</field-name3>
    </MyTitle>
    </ns:MyDocument>
    Any Help ...
    Thanks
    V

  • Complex XML to Plain in JMS adapter "Content conversion module"

    Hi!
    I have read the document on "How To… use the content conversion module with XI3.0 J2EE JMS Adapter", and it says only SimpleXML can be converted in the receiver channel.
    I had hoped for a solution at least as good as in the File/ftp adapter, where complex XML can be transformed to files.
    Are there plans to include complex XML conversion in the JMS adapter?
    I can not use the file adapter as I need to change the file name and destination, and that can not be done by adding own module to its single module.
    Any idea how I can achieve what I want?
    To only way I can find, is to create a file using the file/ftp adapter, and then pick it up again and treat all the lines as the same structure (one row = one xml field). Then output this new xml message to file, using the JMS adapter and add any modules with name and destination determination.
    Appreciate any help!
    Regards,
    Oeystein Emhjellen

    Hello,
    Have you tried to use an XSLT mapping within the IE?
    I have, at one customer site, created a XSLT message mapping which converts the  XML to a fixed length ASCII file format. I than added the XSLT message mapping as a second mapping step on the interface mapping.
    In this case I was able to publish a fairly complex fixed length file format to MQ Series via the JMS adapter.
    /Johan

  • I need this file "How to Use the Content Conversion Module in JMS Adapter"

    Can someone send me this file:
    "How to Use the Content Conversion Module in JMS Adapter"
    I am not able to find it.
    Thanks
    Antonello

    pls refer guide
    https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/com.sap.km.cm.docs/library/xi/xi-adapters/how%20to%20use%20the%20content%20conversion%20module%20with%20xi%203.0%20j2ee%20jms%20adapter.pdf
    Regards,
    Swetha.

  • Content Engine Module is logging DHCP errors

    Content Engine Module in Cisco 3725 is logging the following eror continously:
    Sep 29 16:47:50 ContentEngine dhclient: %CE-DHCP-5-191000: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 4
    Sep 29 16:47:54 ContentEngine dhclient: %CE-DHCP-5-191000: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 11
    Sep 29 16:47:58 ContentEngine smartd: %CE-SMARTD-3-435000: No Errors Logged
    Sep 29 16:48:05 ContentEngine dhclient: %CE-DHCP-5-191000: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 1
    Sep 29 16:48:06 ContentEngine dhclient: %CE-DHCP-5-191000: No DHCPOFFERS received.
    Sep 29 16:48:06 ContentEngine dhclient: %CE-DHCP-5-191000: No working leases in persistent database - sleeping.
    Sep 29 16:48:06 ContentEngine %CE-DHCP-5-191000: Script called with reason: FAIL
    Sep 29 16:52:58 ContentEngine smartd: %CE-SMARTD-3-435000: No Errors Logged
    Disable the external interface (shutdown) didn't fix the problem:
    Sep 29 17:02:05 ContentEngine dhclient: %CE-DHCP-5-191000: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3
    Sep 29 17:02:05 ContentEngine dhclient: %CE-DHCP-3-191000: send_packet: Network is down
    Sep 29 17:02:08 ContentEngine dhclient: %CE-DHCP-5-191000: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3
    Sep 29 17:02:08 ContentEngine dhclient: %CE-DHCP-3-191000: send_packet: Network is down
    Sep 29 17:02:11 ContentEngine dhclient: %CE-DHCP-5-191000: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 5
    Sep 29 17:02:11 ContentEngine dhclient: %CE-DHCP-3-191000: send_packet: Network is down
    Sep 29 17:02:16 ContentEngine dhclient: %CE-DHCP-5-191000: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 5
    Sep 29 17:02:16 ContentEngine dhclient: %CE-DHCP-3-191000: send_packet: Network is down
    Sep 29 17:02:21 ContentEngine dhclient: %CE-DHCP-5-191000: No DHCPOFFERS received.
    Sep 29 17:02:21 ContentEngine dhclient: %CE-DHCP-5-191000: No working leases in persistent database - sleeping.
    Sep 29 17:02:21 ContentEngine %CE-DHCP-5-191000: Script called with reason: FAIL
    Sep 29 17:02:58 ContentEngine smartd: %CE-SMARTD-3-435000: No Errors Logged
    Any ideas how to fix this problem ?

    Try the global command:
    ce(config)# no auto-register enable
    http://www.cisco.com/univercd/cc/td/doc/product/webscale/uce/acns53/53cref/6812ref.htm#wp1038726

  • CSM-Content Switching Module

    Hi All,
    How to shutdown Content Switching Module in Cat 6500 switches ? I want to shutdown only CSM-Module without disturbing Chassis.
    Can anyone please send me the command on that ?
    Highly appreciate your valuable reply.
    Thanks,

    Hi,
    Assuming you are using IOS, you can power-down a module in a 6500 chassis using the command
    "no power enable module " in global config mode where is the slot number of the CSM.
    If you are using CatOS then the command would be:
    "set module power down "
    The CSM should be hot-swappable so you should be able to just pull it out of the chassis, but I think that is a bit vicious if you only want to shut it down.
    HTH
    Cathy

  • Smartfilter with Content Engine Module (NM-CE-BP-40G-K9) & ACNS on 3661

    I've been looking over the CCO docs, but can't find one that has sample configs for using a 3661 router containing content engine module, smartfilter, & ACNS. Topology is basically the following...
    (PC's)----(LAN Switch)-----(3661 w/content engine module)----(PIX)---(internet)
    I don't want to creat a new IP subnet for the 3 interfaces within the content engine module/router. I want to use the IP's from the current LAN IP Block.
    Any advice appreciated.

    I thought this might help.
    Easy NM-CE Configuration Guide!
    Router IOS:c3725-ik9o3s-mz.122-15.T2
    Content Engine Software: ACNS 5.0.3.5
    Configure basic router configuration as normal.
    Set the IP addresses for the Service Module (Content-Engine) using these commands:
    interface Content-Engine2/0
    ip address 10.1.1.1 255.255.255.0
    ip nat inside
    service-module external ip address 10.0.0.1 255.255.255.0
    service-module ip address 10.1.1.2 255.255.255.0
    service-module ip default-gateway 10.1.1.1
    Complete Config Example (DHCP and NAT for Lab):
    urrent configuration : 2440 bytes
    version 12.2
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    hostname lab3745_NM-CE
    logging queue-limit 100
    enable password cisco
    ip subnet-zero
    ip wccp web-cache
    ip dhcp pool NM-ESW-16-POOL
    network 10.1.2.0 255.255.255.0
    domain-name cisco.com
    default-router 10.1.2.1
    dns-server 171.68.226.120 171.70.168.183
    lease 7
    ip audit notify log
    ip audit po max-events 100
    no voice hpi capture buffer
    no voice hpi capture destination
    mta receive maximum-recipients 0
    interface FastEthernet0/0
    ip address 172.16.12.108 255.255.255.0
    ip wccp web-cache redirect out
    ip nat outside
    duplex auto
    speed auto
    interface FastEthernet0/1
    no ip address
    shutdown
    duplex auto
    speed auto
    interface FastEthernet1/0
    no ip address
    interface FastEthernet1/1
    no ip address
    interface FastEthernet1/2
    no ip address
    interface FastEthernet1/3
    no ip address
    interface FastEthernet1/4
    no ip address
    interface FastEthernet1/5
    no ip address
    interface FastEthernet1/6
    no ip address
    interface FastEthernet1/7
    no ip address
    interface FastEthernet1/8
    no ip address
    interface FastEthernet1/9
    no ip address
    interface FastEthernet1/10
    no ip address
    interface FastEthernet1/11
    no ip address
    interface FastEthernet1/12
    no ip address
    interface FastEthernet1/13
    no ip address
    interface FastEthernet1/14
    no ip address
    interface FastEthernet1/15
    no ip address
    interface Content-Engine2/0
    ip address 10.1.1.1 255.255.255.0
    ip nat inside
    service-module external ip address 10.0.0.1 255.255.255.0
    service-module ip address 10.1.1.2 255.255.255.0
    service-module ip default-gateway 10.1.1.1
    interface Vlan1
    ip address 10.1.2.1 255.255.255.0
    ip nat inside
    ip local pool NM-ESW-16-POOL 10.1.2.2 10.1.2.254
    ip nat pool TEST-NAT-POOL 172.16.12.108 172.16.12.108 prefix-length 24
    ip nat inside source list 7 pool TEST-NAT-POOL overload
    ip http server
    no ip http secure-server
    ip classless
    ip route 0.0.0.0 0.0.0.0 172.16.12.254
    access-list 7 permit 10.1.2.0 0.0.0.255
    access-list 7 permit 10.1.1.0 0.0.0.255
    access-list 7 permit 10.0.0.0 0.0.0.255
    call rsvp-sync
    mgcp profile default
    dial-peer cor custom
    line con 0
    speed 115200
    line 65
    flush-at-activation
    no activation-character
    no exec
    transport input all
    line aux 0
    line vty 0 4
    password cisco
    login
    end
    reset service-module 2 to reboot the Content-Engine:
    service-module content-Engine 2/0 reload
    Within 30 Seconds Session from the Router to the Service Module:
    service-module content-engine session
    Enter Basic Configuration for Network Module:
    Password, etc…
    Configure The service Modeule using the command line interface:
    hostname NM-CE-BP
    ip domain-name CISCO.COM
    interface FastEthernet 0/0
    ip address 10.0.0.1 255.255.255.0
    exit
    interface FastEthernet 0/1
    ip address 10.1.1.2 255.255.255.0
    exit
    ip default-gateway 10.1.1.1
    primary-interface FastEthernet 0/1
    ip name-server 172.72.1.1
    wccp router-list 1 172.16.12.108
    wccp web-cache router-list-num 1
    wccp version 2
    username xxx password xxxx
    username xxxx privilege 15
    authentication login local enable primary
    authentication configuration local enable primary
    NM-CE-BP#exit
    You can use the command line interface to show statics from the Content Engine by using the show statistics screen command or use your web browers for a more graphical report.

  • Content engine module

    Hi, is it possible for a content engine module to work in a 2600 with the following scenario? I want the clients gateway to be the 2600 with content engine installed but I want the 2600 to forward all traffic out a seperate gateway. I know a content switch can do this but can a content module in a 2600 do it too. The reason for wanting this is I want to use url filtering software such as websense and at the moment the existing gateway/firewall is not compatible with websense so Im looking to use a 2600 with content module installed to filter webtraffic and forward out the existing gateway. Thanks

    this is no problem
    Just look at the nm-ce as a standalone device connected by ethernet to the 2600.
    The 2600 can be the default gateway for the client and the cache [nm-ce].
    The 2600 will intercept traffic from client and forward to nm-ce.
    The nm-ce will use the 2600 as its default gateway.
    Gilles.

  • Premiere Pro CC - Content analysis modules (French)

    Hi,
    from the moment I updated to Premiere pro CC (on windows 7 64 bit), the content analysis module for French has been unavailable. I have downloaded it again for the latest version (which mentions compatibility for both CS6 and CC versions) and reinstalled it, but no change. I can't select this option. I have tried several things and found the folder in common files, but it is called CS6, maybe that's a clue to why it is broken.
    Anyway I urgently need this option for a very talky group of videos I have to edit and am desperate to have it working. And by the way it is broken in Prelude too, of course.
    Thank you for your feedback.
    David

    I did the same and it worked. There are three folders under CS6, fr_CA, fr_FR, and support. I copied the two fr folders to the 4.0 folder because there is already a support folder there and i didnt want to mess it up. It looks like the 4.0 is for the US speech engine. I guess even the big boys can sometimes dodo.

  • What do I do if Netflix won't play and the error message say's "Primetime Content Decryption Module provided by Adobe Systems Inc. plug in has crashed"?

    I've called Netflix twice with the error code F7361-1253 that shows up, to no avail. The first time the guy said it wasn't a Netflix code and didn't know what to do. The second time a different guy said to go to Internet Explorer to see if Netflix would play. Since it did, he said the problem was with Firefox. I have tried updating plug-ins, and refreshing Firefox, but nothing is working.

    I see you're using the Beta version of Firefox. Support for Netflix using the new Primetime Content Decryption Module is not complete in Firefox 38.
    You'll need use Firefox 37 (the current version) with Microsoft Silverlight to watch videos on Netflix.

  • Numbers of users for ASA Content Security module

    Hi,
    Can someone tell me how the ASA Content Security module recognize the maxi number of users ?
    eg. :  ASA-SSM-CSC-20-K9= is for 500 users. What will happen if I exceed to 560 users ?  Does the module recognize that there are more users than expected ?
    Best regards

    You will get similar message
    License violation has been detected on the InterScan for CSC SSM. There are currently 560 active nodes while you only have 500 seats of license. 60 more seats of license is required.
    Please upgrade your license to resolve the violation.

  • IMAP Sender channel, Content Conversion Module , target XSD structure issue

    Hi,
    I'm using the content conversion adapter module in my IMAP senderchannel , to transform a flat file into a IDOC ORDERS05 structure.
    I have some difficulties generating the right structure... how can I make a more deep structure ?
    My output is like this. All created segment is on the same level.
    <ORDERS05>
        <IDOC>
            <E1EDK01>
            <E1EDK03>
            <E1EDKA1>
            <E1EDK02>
            <E1EDKT1>
            <E1EDKT2>
            <E1EDKT2>
            <E1EDKT1>
            <E1EDKT2>
            <E1EDKT2>
        <IDOC>
    </ORDERS05>
    Here the E1EDKT2 should be a "level under" or "sub structure" to E1EDKT1, and not on the same level !
    The wanted result:
    <ORDERS05>
        <IDOC>
            <E1EDK01>
            <E1EDK03>
            <E1EDKA1>
            <E1EDK02>
            <E1EDKT1>
                <E1EDKT2>
                <E1EDKT2>
            <E1EDKT1>
                <E1EDKT2>
                <E1EDKT2>
        <IDOC>
    </ORDERS05>
    How can I solve this ????

    Hi,
    you can do it on adapter level too:
    but you cannot do it in standard content conversion I guess
    (if it has more then 2 levels)
    check this how you can do it:
    https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/482aae19-0301-0010-3485-8efd618818d0
    Regards,
    michal
    <a href="/people/michal.krawczyk2/blog/2005/06/28/xipi-faq-frequently-asked-questions"><b>XI / PI FAQ - Frequently Asked Questions</b></a>

  • Navigating Table of Contents with Module Reviews and Knowledge Checks

    I have been using 5.5 for at least 3 months without issue.  
    My current course is being published SCORM 1.2 to SumTotal LMS, but that is not relevant at this time.
    I have 3 modules in the course (3 module reviews and sets of knowledge check questions).
    Each set of knowledge check questions are 3 random questions from respective quiz pools.
    The final quiz is the only one with weighted values that report to the LMS.
    Problem...
    When you click past the Module Review (use Module Review 2) and take the knowledge check questions, and then click that Module Review 2 page via the Table of Contents, the Next and Back buttons do not work and everything freezes.
    This even happens when in preview mode in Captivate, and I don't even have to post to LMS.
    Help, please!

    I have a specific style set up (similary to body text) to dress the table of contents at 11pt. Overset text was my thought too! but its actually just an empty paragraph with a title. I've attached an image to help explain.

  • ASA Content Security Module (Anti-X) issue

    Is there a way to configure the Anti-X module such as I can filter the web content based on source VLAN or subnet? I need to implement something like that and can?t find how to do it.

    Traffic for CSC inspection is done using the Modular Policy Framework commands to create a service-policy
    General modular policy info is here
    http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/mpc.html
    The service policy you create sends traffic to the CSC for inspection
    The service policy identifies traffic using one or more class-maps
    Class-maps can use an access-list to match interesting traffic
    So it's up to how creative you can get with your access-list really.
    Info here should be of some help
    http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/ssm.html#wp1058664
    Here's an extremely basic example to hopefully get you going that inspects only http traffic initiated from the 10.1.1.0/24 subnet
    access-list MATCH_CSC extended permit ip 10.1.1.0 255.255.255.0 any eq http
    class-map MATCH_CSC_CLASS
    match access-list MATCH_CSC
    policy-map CSC_POLICY
    class MATCH_CSC_CLASS
    csc fail-close
    service-policy CSC_POLICY global
    Hope this helps

  • Creating a "Blockquote" content element/module?

    Hey Folks,
    I'd like to create an element that displays a customer testimonial that i can drop into a page/template, similar in function to the "Announcements" module.
    How would you go about creating one?  is this a web app or a module?  and is it a difficult undertaking for a good propblem solver but with limited coding skills?
    Thanks!!
    john

    To build something like your own testimonials you would use a web app John
    List layout can be used to show all testimonials on a testimonials page with pagination, a link to the detail view if you have really long ones. You can use the list backup for a nice look and feel layout for a random testimonial to go into your site templates as well.
    I would recomend using a custom multiline text field for the small intro element to keep list layouts and the random testimonial small, then when they go into the detail view or main page listing you show that and the description area content.
    It all depends on the client though and what sort of testimonails they have.
    In terms of pages if you use the indent editor button in the editor area on a page in the admin that actually makes a blockquote and you can have your CSS make that look like a quote feel too as a basic option.

Maybe you are looking for

  • Leopard Screen Sharing (VNC) Quality?

    Before Leopard I used to use Vine VNC Server for accessing my Mac over the internet. Now that Leopard has its own VNC (Screen Sharing) server built in theres no need to use it. Normally when I VNC'ed to my Mac over the internet using UltraVNC on Wind

  • How To Deploy forms and Reports on Oracle 11g Server.

    Can any one let me know how to deploy Oracle 11g Forms and Reports into weblogic server. Prior to 11g versions, support formsweb.cfg,cgicmd.dat files for forms and reports deployment configurations. iam not able to locate these files in 11g. Pl help

  • Af:inputText with readOnly="true"

    If readOnly="true" is set for an af:inputText component, ADF faces gets clever and renders straight text. However, I need a readonly input text object as I have some client side javascript that will update the value on an event. Any ideas for a worka

  • How view log of incoming messages?

    I'm running Mail.app 3.6 under OS 10.5.7 Sometimes I will see the Mail Activity window saying that I am receiving two messages, but only one shows up in my inbox. I've checked my rules and there is nothing that is marking messages as read. Is there a

  • Which Mac to recommend using Nikon D810 RAW files, New iMac or MacPro?

    I am still working with a MacPro 1.1, Lightroom 5 and a Nikon D4 + a D600. I am about to buy a D810 and i know the RAW files on my old Mac are just too large. So i will need a new Mac. Anybody have experience with the latest iMac and the D810? I thin