Cisco Cisco Web Security Appliance S160 Guía Del Usuario
6-2
Cisco AsyncOS 8.0.6 for Web User Guide
Chapter 6 Classify End-Users and Client Software
Classify Users and Client Software: Best Practices
One policy may call on multiple identities:
Classify Users and Client Software: Best Practices
•
Create fewer, more general Identities that apply to all users or fewer, larger groups of users. Use
policies, rather than identities, for more granular management.
policies, rather than identities, for more granular management.
•
Create Identities with unique criteria.
•
If deployed in transparent mode, create an Identity for sites that do not support authentication. See
.
Identity Criteria
This Identity uses an authentication sequence and this policy applies to
one realm in the sequence.
one realm in the sequence.
Authentication is not used for this Identity.
This Identity allows guest access and applies to users who fail
authentication.
authentication.
The specified user groups in this Identity are authorized for this policy.
Option
Description
Subnet
The client subnet must match the list of subnets in a policy
Protocol
The protocol used in the transaction, either HTTP, HTTPS, SOCKS, or native FTP
Port
The proxy port of the request must be in the Identity’s list of ports, if any listed . For
explicit forward connections this is the port configured in the browser. For
transparent connections this is the same as the destination port.
explicit forward connections this is the port configured in the browser. For
transparent connections this is the same as the destination port.