Cisco Cisco ScanSafe Wi-Fi Hotspot Security
Cisco CWS
– AnyConnect Web Security Deployment Guide
23
Test
Deploy
Prepare
Test
Verify web redirection to the cloud
Step 1:
. If a message is displayed, “User is not
currently using the service,” then the traffic is not redirected to the Cisco cloud. This can be useful in
determining if: the user is being resolved correctly, any groups being discovered, the internal/external IP
of the user/location, and what Connector is in use.
determining if: the user is being resolved correctly, any groups being discovered, the internal/external IP
of the user/location, and what Connector is in use.
*Note: HTTPS inspection must be enabled.
This is an example of a successful
authUserName: "WinNT://CISCO\\user"
authenticated: true
companyName: Cisco
connectorGuid: 0123456789ABCDEF0123456789ABCDEF
connectorVersion: AP_ACx.x.xxxxx
countryCode: US
externalIp: 12.34.56.78
groupNames:
- "WinNT://CISCO\\Group”
internalIp: 1.2.3.4
logicalTowerNumber: 1784
staticGroupNames:
- "WinNT://CISCO\\Group”
userName: "WinNT://CISCO\\user"
authenticated: true
companyName: Cisco
connectorGuid: 0123456789ABCDEF0123456789ABCDEF
connectorVersion: AP_ACx.x.xxxxx
countryCode: US
externalIp: 12.34.56.78
groupNames:
- "WinNT://CISCO\\Group”
internalIp: 1.2.3.4
logicalTowerNumber: 1784
staticGroupNames:
- "WinNT://CISCO\\Group”
userName: "WinNT://CISCO\\user"
Step 2:
request is processed against the current web filtering policy.
Step 3:
With SearchAhead enabled in ScanCenter (the CWS admin portal), browse to Google, Bing, or
Yahoo and search for something. The SearchAhead data should be prepended to each search result in
the form of a green, yellow, or red dot. Mouse over the dot to see what information is contained within.
the form of a green, yellow, or red dot. Mouse over the dot to see what information is contained within.
Manage and configure web filtering policy
A web filtering policy is a set of rules which define the websites users have access to. Similar to a
firewall’s ACL, all rules are evaluated from top to bottom and the first match wins. Therefore, only one rule
will ever apply to a single web request. Rules are comprised of three criteria and an action. The three
criteria are group membership, filter, and schedule. If group membership is not assigned to a rule, than it
will apply to everyone by default. Only assign a group if a rule should apply to a specific set of people or
computers using the Cisco Cloud Web Security service.
firewall’s ACL, all rules are evaluated from top to bottom and the first match wins. Therefore, only one rule
will ever apply to a single web request. Rules are comprised of three criteria and an action. The three
criteria are group membership, filter, and schedule. If group membership is not assigned to a rule, than it
will apply to everyone by default. Only assign a group if a rule should apply to a specific set of people or
computers using the Cisco Cloud Web Security service.
Reference video:
The filter defines categories of website, content, or file types which are evaluated against the web
request. The web request must match the filter for the rule to be true. The schedule defines the time of
day or day of week the rule should be active. By default, the schedule is set to any time. A web request
must be made within the scheduled time frame in order for the rule to be true.
request. The web request must match the filter for the rule to be true. The schedule defines the time of
day or day of week the rule should be active. By default, the schedule is set to any time. A web request
must be made within the scheduled time frame in order for the rule to be true.