Cisco Cisco Web Security Appliance S670 Betriebsanweisung
11-21
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 11 Processing HTTPS Traffic
Controlling HTTPS Traffic
Note
The configured default action only affects the transaction when no decision is made based on
URL category or Web Reputation score. If Web Reputation filtering is disabled, the default
action applies to all transactions that match a Monitor action in a URL category. If Web
Reputation filtering is enabled, the default action is used only if the Monitor action is selected
for sites with no score.
URL category or Web Reputation score. If Web Reputation filtering is disabled, the default
action applies to all transactions that match a Monitor action in a URL category. If Web
Reputation filtering is enabled, the default action is used only if the Monitor action is selected
for sites with no score.
After a Decryption Policy group is assigned to an HTTPS request, the control settings for the policy
group are evaluated to determine whether to drop, pass through, or decrypt the HTTPS connection
request. For more information about assigning a Decryption Policy group to an HTTPS request, see
group are evaluated to determine whether to drop, pass through, or decrypt the HTTPS connection
request. For more information about assigning a Decryption Policy group to an HTTPS request, see
shows how the appliance determines which action to take on an HTTPS
request after it has assigned a particular Decryption Policy to the request.
Figure 11-5
Applying Decryption Policy Actions
shows two different decision points that involve the web reputation score of the destination
server. The web reputation score of the server is evaluated only once, but the result is applied at two
different points in the decision flow.
different points in the decision flow.