Cisco Cisco Web Security Appliance S670 User Guide
Chapter 5 Web Proxy Services
Bypassing the Web Proxy
5-16
Cisco IronPort AsyncOS 7.1 for Web User Guide
OL-23207-01
•
Ensure that traffic from a particular machine inside the network, such as a
malware test machine, bypasses the Web Proxy and all its built-in security
protection.
malware test machine, bypasses the Web Proxy and all its built-in security
protection.
Define the proxy bypass list on the Web Security Manager > Bypass Settings
page.
page.
shows a sample proxy bypass list.
Figure 5-3
Proxy Bypass List
To include an address in the proxy bypass list, click Edit Proxy Bypass Settings.
You can enter multiple addresses separated by line breaks or commas. You can
enter addresses using any of the following formats:
You can enter multiple addresses separated by line breaks or commas. You can
enter addresses using any of the following formats:
•
IP address, such as 10.1.1.0
•
CIDR address, such as 10.1.1.0/24
•
Hostname, such as crm.example.com
•
domain names, such as example.com
Note
For the proxy bypass list to work with domain names, you need to connect the T1
and T2 network interfaces to the network even if you do not enable the L4 Traffic
Monitor. For more information, see
and T2 network interfaces to the network even if you do not enable the L4 Traffic
Monitor. For more information, see
When transactions bypass the Web Proxy, AsyncOS for Web records them in the
proxy bypass logs. For more information about logging, see
proxy bypass logs. For more information about logging, see
Note
If the proxy bypass list contains an address that is a known malware address
according to the L4 Traffic Monitor and the L4 Traffic Monitor sees a request for
that address, then the request will still be blocked by the L4 Traffic Monitor. If
according to the L4 Traffic Monitor and the L4 Traffic Monitor sees a request for
that address, then the request will still be blocked by the L4 Traffic Monitor. If