Cisco Web Security Appliance S670 User Guide

Cisco IronPort AsyncOS 7.7 for Web User Guide
 
Chapter 9      Block, Allow or Redirect Transaction Requests
Overview of Block, Allow, or Redirect Transaction Requests
  • Redirect. The Web Proxy does not allow the connection to the originally requested destination 
    server and instead connects to a different specified URL. You might want to redirect traffic at the 
    appliance if your organization published the links to an internal site, but the location of the site 
    changed since publication, or if you do not have control over the web server. For more information 
    about redirecting traffic, see 
Note
The preceding actions are final actions that the Web Proxy takes on a client request. The Monitor action 
that you can configure for Access Policies is not a final action. For more information, see 
After the Web Proxy assigns an Access Policy to an HTTP or decrypted HTTPS request, it compares the 
request to the policy group’s configured control settings to determine which action to apply. You can 
configure multiple security components to determine how to handle HTTP and decrypted HTTPS 
requests for a particular policy group. For more information about the security components that you can 
configure and how the Web Proxy uses Access Policy groups to control HTTP traffic, see 
.
Understanding the Monitor Action
When the Web Proxy compares a transaction to the control settings, it evaluates the settings in order. 
Each control setting can be configured to perform one of the following actions for Access Policies:
  • Monitor
  • Allow
  • Block
  • Redirect
All actions except Monitor are final actions that the Web Proxy applies to a transaction. A final action 
is an action that causes the Web Proxy to stop comparing the transaction to the rest of the control settings.
The Monitor action is an intermediary action. The Web Proxy continues comparing the transaction to the 
other control settings to determine which final action to apply.
For example, if an Access Policy is configured to monitor a suspect user agent, the Web Proxy does not 
make a final determination about a request from the user agent. If an Access Policy is configured to block 
a particular URL category, then any request to that URL category is blocked before fetching the content 
from the server regardless of the server’s reputation score.
Note
When a control setting matches Monitor and the transaction is ultimately allowed, the Web Proxy logs 
the monitored setting in the access logs. For example, when a URL matches a monitored URL category, 
the Web Proxy logs the URL category in the access logs.
 shows the order that the Web Proxy uses when evaluating control settings for 
Access Policies. The flow diagram shows that the only actions applied to a transaction are the final 
actions: Allow, Block, and Redirect.
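The ordered evaluation described above can be modelled in a few lines. This is an added example, not code from the guide or from AsyncOS. The setting names, their order, the sample transactions, and the default action used when no final action matches are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Callable

FINAL_ACTIONS = {"allow", "block", "redirect"}

@dataclass
class ControlSetting:
    name: str                        # hypothetical label, not an AsyncOS identifier
    matches: Callable[[dict], bool]  # predicate over a transaction
    action: str                      # "monitor" or one of FINAL_ACTIONS

def evaluate(tx, settings, default_action="allow"):
    """Return (final_action, deciding_setting, monitored_settings_to_log)."""
    monitored = []
    for s in settings:
        if not s.matches(tx):
            continue
        if s.action == "monitor":
            monitored.append(s.name)   # intermediary: keep evaluating
        elif s.action in FINAL_ACTIONS:
            return finish(s.action, s.name, monitored)  # final: stop here
        else:
            raise ValueError(f"unknown action {s.action!r} on {s.name}")
    # Assumption: nothing final matched, so a default action applies.
    return finish(default_action, "default", monitored)

def finish(action, decided_by, monitored):
    # The guide describes logging monitored settings only for transactions
    # that are ultimately allowed, so only that case is modelled here.
    return action, decided_by, (monitored if action == "allow" else [])

# Constructed policy; the order is illustrative, not the appliance's real order.
POLICY = [
    ControlSetting("suspect-user-agent", lambda t: "BadBot" in t["user_agent"], "monitor"),
    ControlSetting("blocked-category", lambda t: t["category"] == "Gambling", "block"),
    ControlSetting("monitored-category", lambda t: t["category"] == "News", "monitor"),
    ControlSetting("moved-site", lambda t: t["host"] == "old.intranet.example", "redirect"),
]

# Constructed transactions.
NEWS = {"user_agent": "BadBot/1.0", "category": "News", "host": "news.example"}
BET = {"user_agent": "BadBot/1.0", "category": "Gambling", "host": "bet.example"}
MOVED = {"user_agent": "Mozilla/5.0", "category": "Business", "host": "old.intranet.example"}

if __name__ == "__main__":
    for tx in (NEWS, BET, MOVED):
        print(tx["host"], evaluate(tx, POLICY))
```

The first transaction matches two Monitor settings and is still allowed, so both appear in the list to log; the second shows that a Monitor match on the user agent does not prevent a later Block from being the final action.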
Note
 shows the order the Web Proxy uses when evaluating control settings for 
Decryption Policies and 
 shows the order when evaluating control settings for 
Cisco IronPort Data Security Policies.