Cisco Cisco Web Security Appliance S380 User Guide

(bugs 38046, 40843, 41282)

With the HTTPS Proxy is enabled, Decryption Policies handle all HTTPS policy decisions. You can no 
longer define Access and Routing Policy group membership by HTTPS, nor can you configure Access 
Policies to block HTTPS transactions. 

If some Access and Routing Policy group memberships are defined by HTTPS and if some Access 
Policies block HTTPS, then when you enable the HTTPS Proxy, those Access and Routing Policy groups 
become disabled. You can choose to enable the policies at any time, but all HTTPS related configurations 
are removed. (bugs 38046, 40843, 41282)

When you block Microsoft Office files in the Block Object Type section, it is possible that some 
Microsoft Office files will not be blocked. 

If you need to block all Microsoft Office files, add 

 in the Block Custom MIME 

Types field. However, blocking this custom MIME type also blocks all Microsoft Compound Object 
format types, such as Visio files and some third-party applications. 

When you configure the Web Security appliance to block DOS executable object types, the appliance 
also blocks updates for Windows OneCare. 

Disabling an Identification Profile removes it from associated policies. Verify that the Identification 
Profile is enabled and then add it to the policy again.