Cisco Cisco Web Security Appliance S390 Betriebsanweisung

154

I R O N P O R T   A S Y N C O S   6 . 3   F O R   W E B   U S E R   G U I D E  

C R E A T I N G   A C C E S S   PO L I C I E S

You can create Access Policy groups based on combinations of several criteria, such as one or 
more Identities or the URL category of the destination site. You must define at least one 
criterion for policy group membership. When you define multiple criteria, the client request 
must meet all criteria to match the policy group. However, the client request needs to match 
only one of the configured Identities.

For more information about how the Web Proxy matches a client request with a policy group, 
see “Evaluating Access Policy Group Membership” on page 152 and “Matching Client 
Requests to Access Policy Groups” on page 152.

You define policy group membership on the Web Security Manager > Access Policies page.

To create an Access Policy group:

1. Navigate to the Web Security Manager > Access Policies page.

2. Click Add Policy.

3. In the Policy Name field, enter a name for the policy group, and in the Description field, 

optionally add a description.

4. In the Insert Above Policy field, choose where in the policies table to place the policy 

group.

When configuring multiple policy groups you must specify a logical order for each group. 
Carefully order your policy groups to ensure that correct matching occurs.

5. In the Identities and Users section, choose one or more Identity groups to apply to this 

policy group. 

For more information on how to do this, see “Configuring Identities in Other Policy 
Groups” on page 142.

6. Optionally, expand the Advanced section to define additional membership requirements.