Cisco Cisco Web Security Appliance S670 User Guide
10-7
AsyncOS 10.0 for Cisco Web Security Appliances User Guide
Chapter 10 Create Policies to Control Internet Requests
Policies
Creating a Policy
Before You Begin
•
Enable the appropriate proxy:
–
Web Proxy (for HTTP, decrypted HTTPS, and FTP)
–
HTTPS Proxy
–
SOCKS Proxy
•
Create associated Identification Profiles.
•
•
(Encrypted HTTPS only) Upload or generate a Certificate and Key.
•
(Data Security only) Enable Cisco Data Security Filters Settings.
•
(External DLP only) Define an External DLP server.
•
(Routing only) Define the associated upstream proxy on the Web Security appliance.
•
(Optional) Create associated client applications.
•
(Optional) Create associated time ranges. See
.
•
(Optional) Create associated URL categories. See
.
Step 1
In the Policy Settings section, use the Enable Identity check box to enable this policy, or to quickly
disable it without deleting it.
disable it without deleting it.
Step 2
Assign a unique policy Name.
Step 3
A Description is optional.
Step 4
From the Insert Above drop-down list, choose where this policy is to appear in the table.
Note
Arrange policies such that, from top to bottom of the table, they are in most-restrictive to
least-restrictive order. See
least-restrictive order. See
Step 5
In the Policy Member Definition section, specify how user and group
membership is defined: from the
Identification Profiles and Users list, choose one of the following:
•
All Identification Profiles – This policy will apply to all existing profiles. You must also define
at least one Advanced option.
at least one Advanced option.
•
Select One or More Identification Profiles – A table for specifying individual Identification
Profiles appears, one profile-membership definition per row.
Profiles appears, one profile-membership definition per row.
Step 6
If you chose All Identification Profiles:
a.
Specify the authorized users and groups to which this policy applies by selecting one of the
following options:
following options:
•
All Authenticated Users – All users identified through authentication or transparent identification.
•
Selected Groups and Users – Specified users and groups are used.