Cisco Cisco Web Security Appliance S160 User Guide

Enable Secure Mobility Solution on the Security Services > Mobile User Security 
page. 

For more information, see 

Create an Identity group that applies to remote users:

In the “Define Members by User Location” section, select Remote Users 
Only.

In the “Define Members by Authentication” section, select “Identify Users 
Transparently through Cisco ASA Integration.” 

Configure all other Identity options as desired.

For more information on creating Identities, see 

.

Create policies that use the Identity for remote users. 

The access logs indicate whether each transaction was made by a local or remote 
user. You can also add the same custom format specifier (%l) to the existing 
access logs, or you can add the equivalent W3C field (auth-user-type) to the W3C 
access logs.

In addition to the access logs, the Web Security appliance provides the following 
logs for troubleshooting potential Secure Mobility Solution issues.

User Discovery Service (UDS) log. The UDS log records data about how the 
Web Proxy discovers the user name without doing actual authentication. It 
includes information about interacting with the Cisco adaptive security 
appliance for Secure Mobility Solution as well as integrating with the Novell 
eDirectory server for transparent user identification.

Mobile User Security Daemon log. The Mobile User Security Daemon log 
records the interaction between the Web Security appliance and the 
AnyConnect client, including the status check.