Cisco Cisco Web Security Appliance S690 User Guide
28-6
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 28 Common Tasks
Bypassing Web Reputation Filtering without Bypassing Anti-Malware Scanning
Step 1
Navigate to the Web Security Manager > Custom URL Categories page.
Step 2
On the Customer URL Categories page, click Add Custom Category.
Step 3
In the Category Name field, enter a name for this category, such as
HTTPSPassThru
.
Step 4
In the Sites field, enter the addresses for the websites you want to bypass decryption, such as
mypartnersite.com
Step 5
Click Submit.
Step 6
Navigate to the Web Security Manager > Identities page.
Step 7
Click Add Identity.
Step 8
In the Name field, enter a name for this policy, such as
WebsitesToBypassDecryption
.
Step 9
Under Membership Definition, click Advanced to expand the advanced policy options.
Step 10
Click the link next to URL Categories.
Step 11
On the Identities: Policy “WebsitesToBypassDecryption”: Membership by URL Categories page, in the
Custom URL Categories section, click in the Add column for the custom URL category created in
Custom URL Categories section, click in the Add column for the custom URL category created in
.
Step 12
Click Done.
Step 13
Click Submit.
Step 14
Navigate to the Web Security Manager > Decryption Policies page.
Step 15
Click Add Policy.
Step 16
In the Name field, enter a name for this policy, such as
DPPassThrough
.
Step 17
In the Identities and Users field, choose “Select One or More Identities.”
Step 18
In the Identity field, select the Identity created in
.
Step 19
Submit and Commit your changes.
Now, when users try to access the websites listed in
, they are able to view sites with no problem
while still decrypting traffic for other sites.
Where to Find More Information
You can read the following sections for more detailed information on the steps included in this task:
•
•
•
•
Bypassing Web Reputation Filtering without Bypassing
Anti-Malware Scanning
Anti-Malware Scanning
In this task, you will bypass Web Reputation filtering for some websites while still ensuring the content
downloaded from these sites is scanned for malware. You might want to do this to allow access to
particular websites your organization must work with that have very low web reputation scores (scores
downloaded from these sites is scanned for malware. You might want to do this to allow access to
particular websites your organization must work with that have very low web reputation scores (scores