Cisco Cisco Web Security Appliance S690 User Guide
10-13
AsyncOS 8.8 for Cisco Web Security Appliances User Guide
Chapter 10 Create Policies to Control Internet Requests
Time Ranges and Volume Quotas
Volume Quota Calculations
Calculation of volume quotas is as follows:
•
HTTP and decrypted HTTPS traffic – The HTTP request and response body are counted toward
quota limits. The request headers and response headers will not be counted toward the limits.
quota limits. The request headers and response headers will not be counted toward the limits.
•
Tunnel traffic (including tunneled HTTPS) – AsyncOS simply shuttles the tunneled traffic from the
client to the server, and vice versa. The entire data volume of the tunnel traffic is counted toward
quota limits.
client to the server, and vice versa. The entire data volume of the tunnel traffic is counted toward
quota limits.
•
FTP – The control-connection traffic is not counted. The size of the file uploaded and downloaded
is counted toward quota limits.
is counted toward quota limits.
Note
Only client-side traffic is counted toward quota limits. Cached content also counts toward the limit, as
client-side traffic is generated even when a response is served from the cache.
client-side traffic is generated even when a response is served from the cache.
Time Quota Calculations
Calculation of time quotas is as follows:
•
HTTP and decrypted HTTPS traffic – The duration of each connection to the same URL category,
from formation to disconnect, plus one minute, is counted toward the time quota limit. If multiple
requests are made to the same URL category within one minute of each other, they are counted as
one continuous session and the one minute is added only at the end of this session (that is, after at
least one minute of “silence”).
from formation to disconnect, plus one minute, is counted toward the time quota limit. If multiple
requests are made to the same URL category within one minute of each other, they are counted as
one continuous session and the one minute is added only at the end of this session (that is, after at
least one minute of “silence”).
•
Tunnel traffic (including tunneled HTTPS) – The actual duration of the tunnel, from formation to
disconnect, counts toward quota limits. The above calculation for multiple requests applies to
tunneled traffic as well.
disconnect, counts toward quota limits. The above calculation for multiple requests applies to
tunneled traffic as well.
•
FTP – The actual duration of the FTP control session, from formation to disconnect, counts toward
quota limits. The above calculation for multiple requests applies to FTP traffic as well.
quota limits. The above calculation for multiple requests applies to FTP traffic as well.
Defining Time and Volume Quotas
Before You Begin
•
Go to Security Services > Acceptable Use Controls to enable Acceptable Use Controls.
•
Define a time range unless you want the quota to apply as a daily limit. See
.
Step 1
Navigate to Web Security Manager > Define Time Ranges and Quotas.
Step 2
Click Add Quota.
Step 3
Enter a unique Quota Name in the field.
Step 4
To reset the quota every day, select Reset this quota daily at and enter a time in the 12-hour format in
the field, then choose AM or PM from the menu. Alternatively, select Select a predefined time range
profile.
the field, then choose AM or PM from the menu. Alternatively, select Select a predefined time range
profile.
Step 5
To set a time quota, select the Time Quota check box and choose the number of hours from the hrs menu
and the number of minutes from the mins menu, from zero (always blocked) to 23 hours and 59 minutes.
and the number of minutes from the mins menu, from zero (always blocked) to 23 hours and 59 minutes.
Step 6
To set a volume quota enter a number in the field and choose KB (kilobytes), MB (megabytes), or GB
(gigabytes) from the menu.
(gigabytes) from the menu.