Cisco Cisco Web Security Appliance S670 User Guide
9-14
AsyncOS 9.1.1 for Cisco Web Security Appliances User Guide
Chapter 9 Classify URLs for Policy Application
Creating and Editing Custom URL Categories
Step 4
In the Custom URL Category Filtering section, choose an action for each custom URL category.
Step 5
In the Predefined URL Category Filtering section, choose one of the following actions for each category:
•
Use Global Settings
•
Monitor
•
Block
Step 6
In the Uncategorized URLs section, choose the action to take for upload requests to web sites that do not
fall into a predefined or custom URL category. This setting also determines the default action for new
and merged categories resulting from URL category set updates.
fall into a predefined or custom URL category. This setting also determines the default action for new
and merged categories resulting from URL category set updates.
Step 7
Submit and Commit Changes.
•
.
Creating and Editing Custom URL Categories
You can create custom URL categories that specify specific host names and IP addresses. In addition,
you can edit and delete existing URL categories. When you include these custom URL categories in the
same Access, Decryption, or Cisco Data Security Policy group and define different actions to each
category, the action of the higher included custom URL category takes effect.
you can edit and delete existing URL categories. When you include these custom URL categories in the
same Access, Decryption, or Cisco Data Security Policy group and define different actions to each
category, the action of the higher included custom URL category takes effect.
Action
Description
Use Global
Setting
Setting
Uses the action for this category in the Global Policy Group. This is the default
action for user defined policy groups.
action for user defined policy groups.
Applies to user defined policy groups only.
When a custom URL category is excluded in the global Cisco Data Security Policy,
then the default action for included custom URL categories in user defined Cisco
Data Security Policies is Monitor instead of Use Global Settings. You cannot choose
Use Global Settings when a custom URL category is excluded in the global Cisco
Data Security Policy.
then the default action for included custom URL categories in user defined Cisco
Data Security Policies is Monitor instead of Use Global Settings. You cannot choose
Use Global Settings when a custom URL category is excluded in the global Cisco
Data Security Policy.
Allow
Always allows upload requests for web sites in this category. Applies to custom URL
categories only.
categories only.
Allowed requests bypass all further data security scanning and the request is
evaluated against Access Policies.
evaluated against Access Policies.
Only use this setting for trusted web sites. You might want to use this setting for
internal sites.
internal sites.
Monitor
The Web Proxy neither allows nor blocks the request. Instead, it continues to
evaluate the upload request against other policy group control settings, such as web
reputation filtering.
evaluate the upload request against other policy group control settings, such as web
reputation filtering.
Block
The Web Proxy denies transactions that match this setting.