This may well be answered somewhere already and I just haven't found it yet, but it seems that IronPort is blocking Google's cached copies of sites as "Malware/spyware". I hadn't accessed any cached sites until this was pointed out to me today so I don't know whether or not this has always been the case.
I'm quite happy that it is being blocked as it ensures that people aren't able to get on sites that would normally be blocked, but I'm not sure I understand why this is being classed as malware/spyware.
and it seems to be -5.7. Which would make sense. I don't believe we would intentionally block google cache. Perhaps there was an outbreak of malware detected from a google cache site and the score temporarily was dropped in order to mitigate the spreading.
All hypothesis, but WBRS scores do fluctuate based on current knowledge of web behaviors.
If the score is still low enough to block all google cache, I recommend filing a support ticket, because this is not expected behavior.
I'm guessing that the reputation score changes on a regular basis. Chances are if you try again in a day or two you will be able to access it.
It would be useful to know what keeps prompting the drop in score. If it's in reaction to a threat, then that means that IronPort are doing a good job. I'd just be interested in finding out what the threat is we're being protected against!!
We're talking with our internal team about why this particular URL scored the way it did, but in general Google's cache is tricky from a reputation point of view.
While Google itself tends to have a very good reputation, the cache servers are automated - meaning that they'll pick up content from both high reputation sites and low reputation. Because the same server at Google will cache content from multiple sources, sometimes one part of the content will end up reducing the reputation of the entire server.
Google tends to be pretty responsive with regards to removing malware from the cache servers - but in the meantime, the most important thing from IronPort's point of view is to protect our customers.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...