Cisco Cisco Web Security Appliance S190 Guía Del Usuario
6-3
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 6 SOCKS Proxy Services
Creating SOCKS Policies
Creating SOCKS Policies
Step 1
Navigate to Web Security Manager > SOCKS Policies.
Step 2
Click Add Policy.
Step 3
Assign a name in the Policy Name field.
Note
Each policy group name must be unique and only contain alphanumeric characters or the space
character.
character.
Step 4
(Optional) Add a description.
Step 5
In the Insert Above Policy field, choose where in the SOCKS policies table to insert this SOCKS policy.
When configuring multiple SOCKS policies, determine a logical order for each policy. Carefully order
your policies to ensure that correct matching occurs.
your policies to ensure that correct matching occurs.
Step 6
In the Identities and Users section, choose one or more Identities to apply to this policy group.
Step 7
(Optional) Expand the Advanced section to define additional membership requirements.
Table 6-2
Advanced Option
Description
Proxy Ports
The port configured in the browser.
Optionally, define policy group membership by the proxy port used to access the
Web Proxy. Enter one or more port numbers in the Proxy Ports field. Separate
multiple ports with commas.
Web Proxy. Enter one or more port numbers in the Proxy Ports field. Separate
multiple ports with commas.
You might want to define policy group membership on the proxy port if you have
one set of clients configured to explicitly forward requests on one port, and another
set of clients configured to explicitly forward requests on a different port.
one set of clients configured to explicitly forward requests on one port, and another
set of clients configured to explicitly forward requests on a different port.
Note: If the Identity associated with this policy group defines Identity membership
by this advanced setting, the setting is not configurable at the SOCKS policy group
level.
by this advanced setting, the setting is not configurable at the SOCKS policy group
level.
Subnets
(Optional) Define policy group membership by subnet or other addresses.
You can choose to use the addresses that may be defined with the associated
Identity, or you can enter specific addresses here.
Identity, or you can enter specific addresses here.
Note: If the Identity associated with this policy group defines its membership by
addresses, then in this policy group you must enter addresses that are a subset of
the Identity’s addresses. Adding addresses in the policy group further narrows
down the list of transactions that match this policy group.
addresses, then in this policy group you must enter addresses that are a subset of
the Identity’s addresses. Adding addresses in the policy group further narrows
down the list of transactions that match this policy group.
Time Range
(Optional) Define policy group membership by time range:
1.
Select a time range from the Time Range field.
2.
Specify whether this policy group should apply to the times inside or outside
the selected time range.
the selected time range.
For more information about creating time based policies, see
.
For more information about creating time ranges, see
.