Cisco Cisco Web Security Appliance S190 Guía Del Usuario
5-35
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 5 Web Proxy Services
Advanced Proxy Configuration
FTPOVERHTTP Options
describes the FTPOVERHTTP options for the
advancedproxyconfig
CLI command.
HTTPS Options
describes the HTTPS options for the
advancedproxyconfig
CLI command.
Table 5-10
advancedproxyconfig CLI Command—FTPOVERHTTP Options
Option
Valid
Values
Values
Default
Value
Value
Web Proxy
Must Restart
Must Restart
Description
Enter the login name to be
used for anonymous FTP
access:
used for anonymous FTP
access:
String
anonymous
No
Anonymous FTP login name.
Enter the password to be
used for anonymous FTP
access:
used for anonymous FTP
access:
String
proxy@
No
Anonymous FTP login
password.
password.
Table 5-11
advancedproxyconfig CLI Command—HTTPS Options
Option
Valid
Values
Values
Default
Value
Value
Web Proxy
Must Restart
Must Restart
Description
HTTPS URI Logging
Style:
Style:
fulluri or
stripquery
stripquery
fulluri
Yes
You can log the entire URI (fulluri), or
a partial form of the URI with the query
portion removed (stripquery).
However, even when you choose to
strip the query from the URI,
personally identifiable information
may still remain.
a partial form of the URI with the query
portion removed (stripquery).
However, even when you choose to
strip the query from the URI,
personally identifiable information
may still remain.
Would you like to
decrypt
unauthenticated
transparent HTTPS
requests for
authentication
purpose?
decrypt
unauthenticated
transparent HTTPS
requests for
authentication
purpose?
Yes, No
(Boolean)
Yes
No
Choose how the Web Proxy handles
transparently redirected HTTPS
transactions it receives before an HTTP
request that was authenticated using an
identity with an IP-based surrogate.
Select one of the following options:
transparently redirected HTTPS
transactions it receives before an HTTP
request that was authenticated using an
identity with an IP-based surrogate.
Select one of the following options:
•
Yes. Decrypt the HTTPS request
for authentication purposes.
for authentication purposes.
•
No. Deny the HTTPS request.
Action to be taken
when HTTPS servers
ask for client
certificate during
handshake:
when HTTPS servers
ask for client
certificate during
handshake:
1, 2
2
Yes
Choose how the HTTPS Proxy
responds to an HTTPS server when it
asks for a client certificate during the
SSL handshake:
responds to an HTTPS server when it
asks for a client certificate during the
SSL handshake:
•
1. Pass through the transaction
•
2. Reply with certificate
unavailable
unavailable
Note
You can read the Proxy Logs to
learn when an HTTPS server
requested a client certificate.
learn when an HTTPS server
requested a client certificate.