Cisco Cisco Web Security Appliance S360 User Guide

Submit and commit your changes.

User Session 
Restrictions

This setting specifies whether or not authenticated 
users are allowed to access the Internet from multiple 
IP addresses simultaneously.

You might want to restrict access to one machine to 
prevent users from sharing their authentication 
credentials with non-authorized users. When a user is 
prevented from logging at a different machine, an 
end-user notification page appears. You can choose 
whether or not users can click a button to login as a 
different username using the Re-authentication setting 
on this page.

When you enable this setting, enter the restriction 
timeout value, which determines how long users must 
wait before being able to log into a machine with a 
different IP address. The restriction timeout value must 
be greater than the surrogate timeout value.

You can a specific user or all users from the 
authentication cache using the 

authcache

 CLI 

command.

Advanced

When using Credential Encryption or SaaS Access 
Control, you can choose whether the appliance uses the 
digital certificate and key shipped with the appliance 
(the IronPort Appliance Demo Certificate) or a digital 
certificate and key you upload here.

To upload a digital certificate and key, click Browse 
and navigate to the necessary file on your local 
machine. Then click Upload Files after you select the 
files you want.

For more information, see