Cisco Cisco Web Security Appliance S160 User Guide
6-5
Cisco IronPort AsyncOS 7.0 for Web User Guide
OL-23079-01
Chapter 6 Working with Policies
Policy Types
Access Policies determine how the appliance controls access to services,
applications, and objects on the web for HTTP and decrypted HTTPS requests.
The appliance uses Access Policies to evaluate and scan HTTP requests and
HTTPS requests designated for decryption.
applications, and objects on the web for HTTP and decrypted HTTPS requests.
The appliance uses Access Policies to evaluate and scan HTTP requests and
HTTPS requests designated for decryption.
Configure Access Policy groups on the Web Security Manager > Access Policies
page. For more information about Access Policy groups, see
page. For more information about Access Policy groups, see
.
IronPort Data Security Policies
IronPort Data Security Policies determine whether or not to block a request to
upload data using logic defined on the Web Security appliance. They address the
question, “to block the upload of data?”
upload data using logic defined on the Web Security appliance. They address the
question, “to block the upload of data?”
The Web Proxy uses IronPort Data Security Policies to evaluate and scan HTTP
requests and decrypted HTTPS requests that have any data in the request body.
requests and decrypted HTTPS requests that have any data in the request body.
Configure Data Security Policy groups on the Web Security Manager > IronPort
Data Security page. For more information about Data Security Policy groups, see
Data Security page. For more information about Data Security Policy groups, see
External DLP Policies
External DLP (data loss prevention) policies determine whether or not to block a
request to upload data using logic stored on an external DLP server. They address
the question, “to block the upload of data?”
request to upload data using logic stored on an external DLP server. They address
the question, “to block the upload of data?”
The Web Proxy uses External DLP Policies to evaluate HTTP requests and
decrypted HTTPS requests that have any data in the request body and send them
to an external DLP server for scanning.
decrypted HTTPS requests that have any data in the request body and send them
to an external DLP server for scanning.
Configure External DLP Policy groups on the Web Security Manager > External
Data Loss Prevention page. For more information about External DLP Policy
groups, see
Data Loss Prevention page. For more information about External DLP Policy
groups, see
.