Cisco Cisco Web Security Appliance S360 User Guide

Credential Cache 
Options:

Surrogate Timeout

This setting specifies how long the Web Proxy waits 
before asking the client for authentication credentials 
again. Until the Web Proxy asks for credentials again, 
it uses the value stored in the surrogate (IP address or 
cookie).

Note that it is common for user agents, such as 
browsers, to cache the authentication credentials so the 
user will not be prompted to enter credentials each 
time.

Credential Cache 
Options:

Client IP Idle Timeout

When IP address is used as the authentication 
surrogate, this setting specifies how long the Web 
Proxy waits before asking the client for authentication 
credentials again when the client has been idle. 

When this value is greater than the Surrogate Timeout 
value, this setting has no effect and clients are 
prompted for authentication after the Surrogate 
Timeout is reached.

You might want to use this setting to reduce the 
vulnerability of users who leave their computers.

Credential Cache 
Options:

Cache Size

Specifies the number of entries that are stored in the 
authentication cache. Set this value to safely 
accommodate the number of users that are actually 
using this device. The default value is the 
recommended setting.