Cisco Cisco Web Security Appliance S690 User Guide
6-9
Cisco IronPort AsyncOS 7.0 for Web User Guide
OL-23079-01
Chapter 6 Working with Policies
Working with Policy Groups
•
Policy group membership. Define how to group users that belong to the
policy group. For user defined policy groups, you can group by different
properties, such as client IP address, authentication group or user name, or
URL category. The properties you can define for a policy depends on the
policy type.
policy group. For user defined policy groups, you can group by different
properties, such as client IP address, authentication group or user name, or
URL category. The properties you can define for a policy depends on the
policy type.
Click the policy group name to edit the group membership requirements, such
as client IP address and authentication requirements. A page is displayed
where you can configure membership requirements.
as client IP address and authentication requirements. A page is displayed
where you can configure membership requirements.
Note
For global policies, you can only define the membership requirements for
the global Identity group and not for the global Access, Decryption, or
Routing groups. Global Access, Decryption, and Routing groups always
match all Identities.
the global Identity group and not for the global Access, Decryption, or
Routing groups. Global Access, Decryption, and Routing groups always
match all Identities.
For more information about policy group membership, see
•
Policy group control settings. Define how users in the group can use the
Internet. The control settings you can define depend on the policy type. For
example, for Routing Policies, you define from which proxy group to fetch
the content, and for Access Policies, you can use the Web Security appliance
features, such as Web Reputation, anti-malware scanning, and more to
determine whether or not to allow the client request.
Internet. The control settings you can define depend on the policy type. For
example, for Routing Policies, you define from which proxy group to fetch
the content, and for Access Policies, you can use the Web Security appliance
features, such as Web Reputation, anti-malware scanning, and more to
determine whether or not to allow the client request.
Click the link in the policy group row under the control setting you want to
configure, such as URL Categories or Routing Destination. When you click a
link in the table, a page is displayed where you can configure settings for that
policy group.
configure, such as URL Categories or Routing Destination. When you click a
link in the table, a page is displayed where you can configure settings for that
policy group.
For more information on configuring control settings for each policy type, see
the following sections:
the following sections:
–
–
–
–
–