Cisco ScanSafe Web Security
Cisco CWS – AnyConnect Web Security Deployment Guide
Step 10:
In the Networks/IP field, enter the address of a host such as 1.2.3.4 and click Save. Notice
that a subnet mask has been applied in CIDR notation.
Step 11:
To specify a subnet, you will have to apply a subnet mask. Click Save.
*Note that content types allow you to specify types of content on a web page. If a rule is to block
content specified in its filter, it will not deny access to the web page but rather specific content will not
be rendered.
Step 12:
Custom content can be specified in the custom filter below by entering the MIME type you
wish to filter for. Each type should be on a separate line. When finished, click Save.
File types work in a similar way to content types. Files being served on a web page are
analyzed. Additional or custom file types can be specified in the Other file extensions to block field.
Exceptions provide a similar UI as Domains/URLs. The difference is that any web request that
matches an exception will cause the rule to evaluate defaults and therefore be ignored.
For example, suppose you want to allow tobacco.org for education purposes. However, because you
have selected the tobacco category, this filter will be applied to a blocked rule.
Step 13:
Enter the fully qualified domain name of tobacco.org as a domain URL exception. Notice on
the left-side margin that there are yellow exclamation marks next to file types and exceptions. These
appear when changes have been made without saving.
Step 14:
Click the Save All Settings button to save the changes made to both areas. Now you need
to embed the filter in a rule. The filter will be triggered by anything in it that makes a match. If you
want to achieve the AND operation, then add 2 filters to a rule (maximum of 2).
Step 15:
Mouse over Management and select Policy. Click the Create A Rule sub-tab.
Step 16:
Enter a friendly name in the name field. *Note: Rules and filters can share the same name,
but rules cannot share the same name as other rules, just as filters cannot share the same name as
other filters. This way you can match rule and filter names for easier management.
Step 17:
Pull down the list of rule actions. Notice that there are five possible actions that can be
applied to a rule. The first two, Block and Allow, are self-explanatory. Anonymous will record the
actions of a web requestor, just not their identity, while still continuing down to the next rules in order
to apply policy. Warn is similar to allow, but the web requestor is presented with a customizable
warning page before honoring their web request.
Step 18:
Authenticate is used for clientless authentication-based deployment models. Click Block,
because we want this to be a block rule.
Step 19:
If you want to add a group to this rule, click Add Group. Clicking any letter of the alphabet
will display the groups that have been configured in the CCWS portal by their leading alpha, or simply
click Go to list all the groups.
Step 20:
Pull down the add filter list and select the desired filter. In this case, we are going to select
the Global Block Filter. Click Add. Notice that the schedule is set to any time.
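The filter and rule logic described in Steps 10 to 14 can be checked offline before it is committed in the portal. The following Python model is an added example, not Cisco code or part of the original guide. It assumes that a domain entry also covers its subdomains, that the Networks/IP entries are compared against a single address per request, and that an exception on any attached filter causes the whole rule to be ignored; the names "Lab Network", "Global Block Rule" and "Lab Tobacco Block" and all requests are constructed.

```python
import ipaddress
from dataclasses import dataclass, field

def domain_in(host, domains):
    # Assumption: an entry covers the domain itself and its subdomains.
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

def as_cidr(entry):
    return ipaddress.ip_network(entry)  # bare host 1.2.3.4 -> 1.2.3.4/32 (Step 10)

@dataclass
class Filter:
    name: str
    categories: set = field(default_factory=set)
    domains: set = field(default_factory=set)
    networks: list = field(default_factory=list)
    exceptions: set = field(default_factory=set)

    def matches(self, req):
        # Any single matching entry triggers the filter (OR within a filter).
        ip = ipaddress.ip_address(req["ip"])
        return (req["category"] in self.categories
                or domain_in(req["host"], self.domains)
                or any(ip in as_cidr(n) for n in self.networks))

@dataclass
class Rule:
    name: str
    action: str
    filters: list

    def evaluate(self, req):
        # Returns the action, or None when the rule does not apply.
        if not 1 <= len(self.filters) <= 2:
            raise ValueError("a rule takes one or two filters")
        if any(domain_in(req["host"], f.exceptions) for f in self.filters):
            return None  # exception hit: rule is ignored for this request
        # Two filters on one rule must both match (AND across filters).
        return self.action if all(f.matches(req) for f in self.filters) else None

# Constructed sample policy (not taken from a real portal).
global_block = Filter("Global Block Filter", categories={"tobacco"},
                      networks=["1.2.3.4"], exceptions={"tobacco.org"})
lab_net = Filter("Lab Network", networks=["10.0.0.0/8"])
block_rule = Rule("Global Block Rule", "Block", [global_block])
and_rule = Rule("Lab Tobacco Block", "Block", [global_block, lab_net])
for r in (block_rule, and_rule):  # print each rule's decision for one request
    print(r.name, r.evaluate({"host": "cigars.example", "category": "tobacco", "ip": "10.1.2.3"}))
```

With a single filter, a tobacco-category request is blocked from any address, while the two-filter rule blocks it only when the address also falls inside the second filter's network.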