Cisco Cisco Web Security Appliance S670 User Guide
Chapter 7 Identities
Creating Identities
7-22
Cisco IronPort AsyncOS 7.0 for Web User Guide
OL-23079-01
The setting chosen here affects the available authentication settings for this
Identity.
Identity.
Note
This section only appears when the Secure Mobility Solution is enabled.
For more information, see
For more information, see
Step 6
In the Define Members by Subnet field, enter the addresses to which this Identity
should apply.
should apply.
You can enter IP addresses, CIDR blocks, and subnets. Separate multiple
addresses with commas.
addresses with commas.
Note
If you do not enter an address in this field, the Identity group applies to
all IP addresses. For example, if you configure the Identity to require
authentication, but do not define any other settings, then the Identity acts
similarly to the Default Identity Policy with authentication required.
all IP addresses. For example, if you configure the Identity to require
authentication, but do not define any other settings, then the Identity acts
similarly to the Default Identity Policy with authentication required.
Step 7
In the Define Members by Protocol section, choose to which protocols this
Identity should apply:
Identity should apply:
•
All protocols. Applies to all protocols the Web Security appliance supports.
•
HTTP/HTTPS Only. Applies to all requests that use HTTP or HTTPS as the
underlying protocol, including FTP over HTTP and any other protocol
tunneled using HTTP CONNECT.
underlying protocol, including FTP over HTTP and any other protocol
tunneled using HTTP CONNECT.
•
Native FTP Only. Applies to native FTP requests only.
Step 8
In the Define Members by Authentication section, choose whether or not this
Identity requires authentication. You can choose one of the following options:
Identity requires authentication. You can choose one of the following options:
•
No Authentication. The user is identified primarily by IP address. Go to
.
•
Require Authentication. The user is identified by the authentication
credentials entered. Go to
credentials entered. Go to
.
•
Identify Users Transparently through Novell eDirectory. The user is
identified by the current IP address to user name mapping received from the
Novell eDirectory server. Go to
identified by the current IP address to user name mapping received from the
Novell eDirectory server. Go to