Cisco Cisco Web Security Appliance S190 Guía Del Usuario
Chapter 13 Achieving Secure Mobility
Logging
13-6
Cisco IronPort AsyncOS 7.0 for Web User Guide
OL-23079-01
Step 1
Enable Secure Mobility Solution on the Security Services > Mobile User Security
page.
page.
For more information, see
Step 2
Create an Identity group that applies to remote users:
a.
In the “Define Members by User Location” section, select Remote Users
Only.
Only.
b.
In the “Define Members by Authentication” section, select “Identify Users
Transparently through Cisco ASA Integration.”
Transparently through Cisco ASA Integration.”
c.
Configure all other Identity options as desired.
For more information on creating Identities, see
.
Step 3
Create policies that use the Identity for remote users.
Logging
The access logs indicate whether each transaction was made by a local or remote
user. You can also add the same custom format specifier (%l) to the existing
access logs, or you can add the equivalent W3C field (auth-user-type) to the W3C
access logs.
user. You can also add the same custom format specifier (%l) to the existing
access logs, or you can add the equivalent W3C field (auth-user-type) to the W3C
access logs.
In addition to the access logs, the Web Security appliance provides the following
logs for troubleshooting potential Secure Mobility Solution issues.
logs for troubleshooting potential Secure Mobility Solution issues.
•
User Discovery Service (UDS) log. The UDS log records data about how the
Web Proxy discovers the user name without doing actual authentication. It
includes information about interacting with the Cisco adaptive security
appliance for Secure Mobility Solution as well as integrating with the Novell
eDirectory server for transparent user identification.
Web Proxy discovers the user name without doing actual authentication. It
includes information about interacting with the Cisco adaptive security
appliance for Secure Mobility Solution as well as integrating with the Novell
eDirectory server for transparent user identification.
•
Mobile User Security Daemon log. The Mobile User Security Daemon log
records the interaction between the Web Security appliance and the
AnyConnect client, including the status check.
records the interaction between the Web Security appliance and the
AnyConnect client, including the status check.