Cisco Cisco Web Security Appliance S160 Guía Del Usuario
C H A P T E R
9-1
Cisco IronPort AsyncOS 7.7 for Web User Guide
9
Block, Allow or Redirect Transaction Requests
•
•
•
•
•
Overview of Block, Allow, or Redirect Transaction Requests
The web proxy controls web traffic based on the policies that you create for groups of transaction
requests.
requests.
•
Allow. The Web Proxy permits the connection without interruption. Allowed connections may not
have been scanned by the DVS engine.
have been scanned by the DVS engine.
•
Block. The Web Proxy does not permit the connection and instead displays an end user notification
page explaining the reason for the block.
page explaining the reason for the block.
•
Redirect. The Web Proxy does not allow the connection to the originally requested destination
server and instead connects to a different specified URL. You might want to redirect traffic at the
appliance if your organization published the links to an internal site, but the location of the site
changed since publication, or if you do not have control over the web server.
server and instead connects to a different specified URL. You might want to redirect traffic at the
appliance if your organization published the links to an internal site, but the location of the site
changed since publication, or if you do not have control over the web server.
Generally, different types of policies control traffic based on the transport protocol.
You can configure AsyncOS to block, allow, or redirect transaction requests based on these
characteristics of the transaction request:
characteristics of the transaction request:
•
Identity assigned by AsyncOS to the transaction request
Policy Type
Protocol
Access
Decryption
FTP
SOCKS
Notes
HTTP
X
HTTPS
X
X
Decryption policy takes precedence
over Access policy.
over Access policy.
FTP
X
X
FTP Policy takes precedence over
Access policy.
Access policy.
SOCKS
X