Cisco Web Security Appliance S680 User Guide
AsyncOS 8.1 for Cisco Web Security User Guide
Chapter 10 Create Decryption Policies to Control HTTPS Traffic
Managing HTTPS Traffic through Decryption Policies Task Overview

Step  Task List for Managing HTTPS Traffic through Decryption Policies  Links to Related Topics and Procedures
1     Enabling the HTTPS proxy
2     Upload or Generate a certificate and key
3     Configuring Decryption options
5     (Optional) Configure invalid certificate handling
6     (Optional) Enabling real-time revocation status checking
7     (Optional) Manage trusted and blocked certificates

Managing HTTPS Traffic through Decryption Policies Best Practices

• Create fewer, more general Decryption Policy groups that apply to all users or fewer, larger groups of users on the network. Then, if you need to apply more granular control to decrypted HTTPS traffic, use more specific Access Policy groups.

Decryption Policies

The appliance can perform any of the following actions on an HTTPS connection request:

Option        Description
Monitor       Monitor is an intermediary action that indicates the Web Proxy should continue evaluating the transaction against the other control settings to determine which final action to ultimately apply.
Drop          The appliance drops the connection and does not pass the connection request to the server. The appliance does not notify the user that it dropped the connection.
Pass through  The appliance passes through the connection between the client and the server without inspecting the traffic content.
Decrypt       The appliance allows the connection, but inspects the traffic content. It decrypts the traffic and applies Access Policies to the decrypted traffic as if it were a plaintext HTTP connection. By decrypting the connection and applying Access Policies, you can scan the traffic for malware.