Cisco Cisco Web Security Appliance S690 Guía Del Usuario
10-35
Cisco IronPort AsyncOS 7.0 for Web User Guide
OL-23079-01
Chapter 10 Decryption Policies
Controlling HTTPS Traffic
information about working with URL filters, see
. For
more information about configuring URL categories, see
Note
If you want to block (with end-user notification) a particular URL
category for HTTPS requests instead of drop (with no end-user
notification), choose to decrypt that URL category in the Decryption
Policy group and then choose to block the same URL category in the
Access Policy group.
category for HTTPS requests instead of drop (with no end-user
notification), choose to decrypt that URL category in the Decryption
Policy group and then choose to block the same URL category in the
Access Policy group.
•
Web reputation. You can configure the action to take on HTTPS requests
based on the web reputation score of the requested server. Click the link under
the Web Reputation column for the policy group you want to configure. For
more information about working with web reputation scores, see
based on the web reputation score of the requested server. Click the link under
the Web Reputation column for the policy group you want to configure. For
more information about working with web reputation scores, see
.
•
Default action. You can configure the action the appliance should take when
none of the other settings apply. Click the link under the Default Action
column for the policy group you want to configure.
none of the other settings apply. Click the link under the Default Action
column for the policy group you want to configure.
Note
The configured default action only affects the transaction when no
decision is made based on URL category or Web Reputation score. If Web
Reputation filtering is disabled, the default action applies to all
transactions that match a Monitor action in a URL category. If Web
Reputation filtering is enabled, the default action is used only if the
Monitor action is selected for sites with no score.
decision is made based on URL category or Web Reputation score. If Web
Reputation filtering is disabled, the default action applies to all
transactions that match a Monitor action in a URL category. If Web
Reputation filtering is enabled, the default action is used only if the
Monitor action is selected for sites with no score.
After a Decryption Policy group is assigned to an HTTPS request, the control
settings for the policy group are evaluated to determine whether to drop, pass
through, or decrypt the HTTPS connection request. For more information about
assigning a Decryption Policy group to an HTTPS request, see
settings for the policy group are evaluated to determine whether to drop, pass
through, or decrypt the HTTPS connection request. For more information about
assigning a Decryption Policy group to an HTTPS request, see
shows how the appliance determines which action to take
on an HTTPS request after it has assigned a particular Decryption Policy to the
request.
request.