Cisco Cisco ScanSafe Wi-Fi Hotspot Security Leaflet
© 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 8 of 27
Add rules to the existing CWS service policy to exclude requests from any source to these hosts, and position
them at the right priority in the list:
Full details of whitelisting configuration are available at:
http://www.cisco.com/en/US/docs/security/asa/asa90/asdm70/configuration_guide/protect_cloud_web_security.ht
ml#wp1682939
.
Cisco ASA Configuration for Identity Firewall Integration (optional)
ASA Identity Firewall (IDFW) over the Microsoft Active Directory Network provides Single Sign-On (SSO) within an
Active Directory domain and embeds user and group identity in firewall access policies. This setup enables
enterprises to configure policies and identify users directly by username or group name rather than through IP
addresses. The advantages of this integration include:
●
Increased flexibility and simplicity in policy creation by decoupling policy from topology
●
Decreased costs of creating and maintaining security policies
●
Better visibility on who is doing what
●
Decoupling of policy from network topology
●
Significant reduction of policy count