Cisco Cisco ScanSafe Wi-Fi Hotspot Security Leaflet
© 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 10 of 27
Note:
If you do not see SearchAhead results, log in to ScanCenter, navigate to the Web Filtering tab, then
the Management menu, and then under Global Settings ensure the Enable SearchAhead for all users checkbox
is selected.
Directory Groups Definition in Cisco ScanCenter (optional)
If you have integrated your ASA with an IDFW for group identification in rules and user granularity in reports, you
need to define in ScanCenter any directory groups for use in web filtering rules.
1. Log in to ScanCenter and click the Admin tab.
2. Under the Management tab, click Groups. The list of defined groups will be shown.
3. Click Add Directory Group from the bottom of the page.
4. Type in the name of a directory group in the format of domain-name\group-name.
5. Click Save to save the directory group.
6. Repeat the previous three steps to add additional directory groups.
Web Filtering Policy in Cisco ScanCenter
To get started, you need to create a basic web filtering policy in ScanCenter.
The policy is a set of rules that runs from top to bottom, checking each rule until it makes the first “match”, and
applies the action of that rule and then stops. In order for a rule to make a match and apply an action, it must
make a match on all three of the following entities:
●
Groups, Users, or IP Addresses
●
Filter
●
Schedule
So the rule is actually asking “Can this user access this web content at this time?”
If no rule is matched, the Default rule at the bottom will always apply.
The following steps demonstrate how to set up a basic policy, which you can then build on and develop further.
Note:
In a new account, no policy will be defined and all users can access all sites at all times, so all you will
see is a default rule in the list.