Cisco Cisco Web Security Appliance S160 Guía Del Usuario
Chapter 3 Deployment
Deployment Overview
3-2
Cisco IronPort AsyncOS 7.0 for Web User Guide
OL-23079-01
•
Secure web proxy. The appliance web proxy service monitors and scans web
traffic for malicious content. When you enable the web proxy, you can
configure it to be in transparent or explicit forward mode.
traffic for malicious content. When you enable the web proxy, you can
configure it to be in transparent or explicit forward mode.
•
L4 Traffic Monitor. The L4 Traffic Monitor detects and blocks rogue traffic
across all ports and IP addresses. The L4 Traffic Monitor listens to network
traffic that comes in over all ports and IP addresses on the appliance and
matches domain names and IP addresses against entries in its own database
tables to determine whether to allow outgoing traffic.
across all ports and IP addresses. The L4 Traffic Monitor listens to network
traffic that comes in over all ports and IP addresses on the appliance and
matches domain names and IP addresses against entries in its own database
tables to determine whether to allow outgoing traffic.
By default, both the L4 Traffic Monitor and Web Proxy are enabled in the System
Setup Wizard. If you need to disable both or one of these features, you can do so
after initial setup from the web interface.
Setup Wizard. If you need to disable both or one of these features, you can do so
after initial setup from the web interface.
The features you enable determine how you deploy and physically connect the
appliance to the network. For more information about how the features you enable
affect appliance deployment, see
appliance to the network. For more information about how the features you enable
affect appliance deployment, see
. For more
information about the Ethernet ports used to physically connect the appliance to
the network, see
the network, see
.
Preparing for Deployment
Before installing the Web Security appliance, read through the following
questions and use the responses to each question to help you decide how to deploy
the appliance and where to locate it in your network. Each response includes a
reference to a different section that covers the response in more detail.
questions and use the responses to each question to help you decide how to deploy
the appliance and where to locate it in your network. Each response includes a
reference to a different section that covers the response in more detail.
1.
Will you deploy the Web Security appliance as a transparent proxy or an
explicit forward proxy?
explicit forward proxy?
–
Explicit Forward Proxy. Client applications, such as web browsers, are
aware of the Web Proxy and must be configured to point to a single Web
Security appliance. This deployment requires a connection to a standard
network switch. When you deploy the Web Proxy in explicit forward
mode, you can place it anywhere in the network. For more information,
see
aware of the Web Proxy and must be configured to point to a single Web
Security appliance. This deployment requires a connection to a standard
network switch. When you deploy the Web Proxy in explicit forward
mode, you can place it anywhere in the network. For more information,
see
–
Transparent Proxy. Clients applications are unaware of the Web Proxy
and do not have to be configured to connect to the proxy. This
deployment requires an L4 switch or a WCCP v2 router. For more
information, see
and do not have to be configured to connect to the proxy. This
deployment requires an L4 switch or a WCCP v2 router. For more
information, see