Cisco Cisco Web Security Appliance S670 User Guide
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
5-21
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 5 Web Proxy Services
Advanced Proxy Configuration
Subcommand
Description
Authentication
Configure authentication parameters, such as the number of outstanding
concurrent Basic or NTLMSSP authentication requests to be authenticated by
the authentication server and whether or not to log the username that appears in
the request URI. You can also use the
concurrent Basic or NTLMSSP authentication requests to be authenticated by
the authentication server and whether or not to log the username that appears in
the request URI. You can also use the
authentication
subcommand to enable
the user acknowledgment page. For more information about the user
acknowledgment page, see
acknowledgment page, see
.
For more information, see
Caching
Configure advanced Web Proxy caching options, such as:
•
Whether or not to ignore client requests to not retrieve content from the
proxy cache
proxy cache
•
Whether or not to cache content from an untrusted server
You can configure the parameters separately by selecting “Customized Mode,”
or you can choose from the modes shown below for a predefined set of
parameter values. For more information, see
or you can choose from the modes shown below for a predefined set of
parameter values. For more information, see
.
Safe mode
This mode uses less caching. You might want to use safe
mode if clients are encountering web servers sending error
responses with Last-Modified headers (so they get
cached), and these are transient whereby you do not want
to cache the error responses. Or, you might want to use safe
mode if some web servers are not responding properly to
If-Modified-Since queries, and caching objects when no
cache lifetime is specified is causing incorrect cache hits.
mode if clients are encountering web servers sending error
responses with Last-Modified headers (so they get
cached), and these are transient whereby you do not want
to cache the error responses. Or, you might want to use safe
mode if some web servers are not responding properly to
If-Modified-Since queries, and caching objects when no
cache lifetime is specified is causing incorrect cache hits.
Provides most strict adherence to the RFC with respect to
caching, performing less caching than the other modes.
caching, performing less caching than the other modes.
Optimized mode
This mode uses moderate caching. This is the default
mode. Compared to safe mode, in optimized mode the Web
Proxy caches objects when no caching time is specified
when a Last-Modified header is present. The Web Proxy
caches negative responses.
mode. Compared to safe mode, in optimized mode the Web
Proxy caches objects when no caching time is specified
when a Last-Modified header is present. The Web Proxy
caches negative responses.
Provides less strict adherence to the RFC with respect to
caching than Safe mode, but more than Aggressive.
Performs more caching than Safe mode and less than
Aggressive mode.
caching than Safe mode, but more than Aggressive.
Performs more caching than Safe mode and less than
Aggressive mode.
Aggressive mode
This mode uses aggressive caching. Compared to
optimized mode, in aggressive mode the Web Proxy caches
authenticated content, ETag mismatches, and content
without a Last-Modified header. The Web Proxy ignores
the no-cache parameter.
optimized mode, in aggressive mode the Web Proxy caches
authenticated content, ETag mismatches, and content
without a Last-Modified header. The Web Proxy ignores
the no-cache parameter.
Provides least strict adherence to the RFC with respect to
caching. Performs the most caching of the modes.
caching. Performs the most caching of the modes.
Customized mode
This mode allows you to configure each parameter
individually.
individually.