Cisco Cisco Web Security Appliance S670 User Guide

Enable the appropriate proxy:

Web Proxy (for HTTP, decrypted HTTPS, and FTP)

HTTPS Proxy

SOCKS Proxy

Create associated Identification Profiles.

Understand 

(Encrypted HTTPS only) Upload or generate a Certificate and Key.

(Data Security only) Enable Cisco Data Security Filters Settings.

(External DLP only) Define an External DLP server.

(Routing only) Define the associated upstream proxy on the Web Security appliance.

(Optional) Create associated client applications.

(Optional) Create associated time ranges. See 

.

(Optional) Create associated URL categories. See 

.

In the Policy Settings section, use the Enable Identity check box to enable this policy, or to quickly 
disable it without deleting it.

Assign a unique policy Name.

A Description is optional.

From the Insert Above drop-down list, choose where this policy is to appear in the table.

Arrange policies such that, from top to bottom of the table, they are in most-restrictive to 
least-restrictive order. See 

 for more information.

In the Policy Member Definition section, specify how user and group

membership is defined: from the 

Identification Profiles and Users list, choose one of the following:

All Identification Profiles – This policy will apply to all existing profiles. You must also define 
at least one Advanced option.

Select One or More Identification Profiles – A table for specifying individual Identification 
Profiles appears, one profile-membership definition per row.

If you chose All Identification Profiles:

Specify the authorized users and groups to which this policy applies by selecting one of the 
following options:

All Authenticated Users – All users identified through authentication or transparent identification.

Selected Groups and Users – Specified users and groups are used.