Cisco Cisco Web Security Appliance S160 Guía Del Usuario
7-4
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 7 Policies
Policy Types
Configure Access Policy groups on the Web Security Manager > Access Policies page. For more
information about Access Policy groups, see
information about Access Policy groups, see
Cisco IronPort Data Security Policies
Cisco IronPort Data Security Policies determine whether or not to block a request to upload data using
logic defined on the Web Security appliance. They address the question, “to block the upload of data?”
logic defined on the Web Security appliance. They address the question, “to block the upload of data?”
The Web Proxy uses Cisco IronPort Data Security Policies to evaluate and scan HTTP requests and
decrypted HTTPS requests that have any data in the request body.
decrypted HTTPS requests that have any data in the request body.
Configure Data Security Policy groups on the Web Security Manager > Cisco IronPort Data Security
page. For more information about Data Security Policy groups, see
page. For more information about Data Security Policy groups, see
External DLP Policies
External DLP (data loss prevention) policies determine whether or not to block a request to upload data
using logic stored on an external DLP server. They address the question, “to block the upload of data?”
using logic stored on an external DLP server. They address the question, “to block the upload of data?”
The Web Proxy uses External DLP Policies to evaluate HTTP requests and decrypted HTTPS requests
that have any data in the request body and send them to an external DLP server for scanning.
that have any data in the request body and send them to an external DLP server for scanning.
Configure External DLP Policy groups on the Web Security Manager > External Data Loss Prevention
page. For more information about External DLP Policy groups, see
page. For more information about External DLP Policy groups, see
Outbound Malware Scanning Policies
Outbound Malware Scanning Policies determine whether or not to block a request to upload data that
contains malicious data. They address the question, “To block the upload of malicious data?”
contains malicious data. They address the question, “To block the upload of malicious data?”
The Web Proxy uses Outbound Malware Scanning Policies to scan for malware HTTP requests and
decrypted HTTPS requests that have any data in the request body.
decrypted HTTPS requests that have any data in the request body.
Configure Outbound Malware Scanning Policy groups on the Web Security Manager > Outbound
Malware Scanning page. For more information about Outbound Malware Scanning Policy groups, see
Malware Scanning page. For more information about Outbound Malware Scanning Policy groups, see
.
SaaS Application Authentication Policies
SaaS Application Authentication Policies determine whether or not a user is allowed access to a
Software as a Service (SaaS) application. They address the question, “to allow this user access to a SaaS
application?”
Software as a Service (SaaS) application. They address the question, “to allow this user access to a SaaS
application?”
SaaS Application Authentication Policies determine how the appliance controls user access to
configured SaaS applications, such as WebEx. When you enable Cisco SaaS Access Control, users log
into the configured SaaS applications using their network authentication user credentials. That means
they use the same user name and password for all SaaS applications as well as network access.
configured SaaS applications, such as WebEx. When you enable Cisco SaaS Access Control, users log
into the configured SaaS applications using their network authentication user credentials. That means
they use the same user name and password for all SaaS applications as well as network access.
Configure SaaS Application Authentication Policy groups on the Web Security Manager > SaaS Policies
page. For more information about SaaS Application Authentication Policy groups, see
page. For more information about SaaS Application Authentication Policy groups, see
.