Cisco Cisco Web Security Appliance S170 Release Notes
5
Release Notes for Cisco IronPort AsyncOS 7.0 for Web
OL-23205-01
What’s New in Cisco IronPort AsyncOS 7.0 for Web
New Feature:
HTTP Instant
Messaging
Controls
HTTP Instant
Messaging
Controls
AsyncOS for Web 7.0 uses the AVC engine to apply control settings to some instant
messenger (IM) traffic that runs on top of HTTP. You can block or monitor the IM
traffic, and depending on the IM service, you can block particular activities (also
known as application behaviors) in an IM session. For example, you can allow an
IM session with a particular IM service provider, but block file transfers within that
session.
messenger (IM) traffic that runs on top of HTTP. You can block or monitor the IM
traffic, and depending on the IM service, you can block particular activities (also
known as application behaviors) in an IM session. For example, you can allow an
IM session with a particular IM service provider, but block file transfers within that
session.
You control IM traffic by configuring Instant Messenger application settings on the
Applications Visibility and Control page of Access Policies.
Applications Visibility and Control page of Access Policies.
For more information, see the “Controlling Instant Messaging Traffic” section in
the “Understanding Application Visibility and Control” chapter of the Cisco
IronPort AsyncOS for Web User Guide. You can view this chapter in the PDF or the
online help.
the “Understanding Application Visibility and Control” chapter of the Cisco
IronPort AsyncOS for Web User Guide. You can view this chapter in the PDF or the
online help.
New Feature:
SaaS Access
Control
SaaS Access
Control
AsyncOS for Web 7.0 includes the SaaS Access Control feature which provides IT
administrators with seamless, secure controls necessary for managing access to
Software as a Service (SaaS) applications and enforcing security policies. SaaS
Access Control allows IT administrators to easily control authentication and
authorization for users who need to access SaaS applications.
administrators with seamless, secure controls necessary for managing access to
Software as a Service (SaaS) applications and enforcing security policies. SaaS
Access Control allows IT administrators to easily control authentication and
authorization for users who need to access SaaS applications.
When you enable Cisco SaaS Access Control, users log into the configured SaaS
applications using their network authentication user credentials. That means they
use the same user name and password for all SaaS applications as well as network
access. You can choose whether users are transparently signed in (single sign-on
functionality) or prompted to enter their authentication user name and password.
applications using their network authentication user credentials. That means they
use the same user name and password for all SaaS applications as well as network
access. You can choose whether users are transparently signed in (single sign-on
functionality) or prompted to enter their authentication user name and password.
The SaaS Access Control solution uses the Security Assertion Markup Language
(SAML) to authorize access to SaaS applications. It works with SaaS applications
that are compliant with SAML version 2.0.
(SAML) to authorize access to SaaS applications. It works with SaaS applications
that are compliant with SAML version 2.0.
To enable SaaS Access Control, you must configure settings on both the Web
Security appliance and the SaaS application. It is very important that the settings
you configure on the appliance and SaaS application match each other
appropriately.
Security appliance and the SaaS application. It is very important that the settings
you configure on the appliance and SaaS application match each other
appropriately.
For more information, see the “Controlling Access to SaaS Applications” chapter
of the Cisco IronPort AsyncOS for Web User Guide. You can view this chapter in
the PDF or the online help.
of the Cisco IronPort AsyncOS for Web User Guide. You can view this chapter in
the PDF or the online help.
Table 1
New Features for AsyncOS 7.0 for Web (continued)
Feature
Description