Cisco Cisco Web Security Appliance S360 User Guide

You can configure the Web Security appliance to have stricter access requirements 
for administrators logging into the appliance. You might want to do this to meet 
certain organization requirements.

You configure these settings with the 

adminaccessconfig

 CLI command. You can 

configure the appliance to:

Display user-defined text at administrator login. 

Restrict administrator access to certain machines.

Require stronger SSL ciphers for administrator access. 

Using the 

adminaccessconfig > banner

 CLI command, you can configure the 

appliance to display any text you specify when an administrator tries to logs in. 
You might want to do this to display a banner that informs the user of 
organizational policies and conditions. The custom banner text appears when an 
administrator tries to access the appliance through all interfaces, such as the web 
interface or via FTP.

You can load the custom text by either pasting it into the CLI prompt or by 
copying it from a file located on the Web Security appliance. To upload the text 
from a file, you must first transfer the file to the configuration directory on the 
appliance using FTP.

Using the 

adminaccessconfig > ipaccess

 CLI command, you can control from 

which IP addresses administrators access the Web Security appliance. 
Administrators can access the appliance from any machine or from machines with 
an IP address from a list you specify.

When restrict access to an allow list, you can specify IP addresses, subnets, or 
CIDR addresses.