Cisco Cisco Web Security Appliance S170 Guía Del Usuario
162
I R O N P O R T A S Y N C O S 6 . 3 F O R W E B U S E R G U I D E
B L O C K I N G S P E C I F I C A P P L I C A T I O N S A N D P R O T O C O L S
AOL Messenger, BitTorrent, Skype—the Web Security appliance can control and block access
to these types of applications. You can configure how the appliance manages these kinds of
applications based on the port being used:
to these types of applications. You can configure how the appliance manages these kinds of
applications based on the port being used:
• Port 80. You can control how the Web Security appliance manages these applications
using Access Policies, but only as they are accessed via HTTP tunneling on port 80.
• Ports other than 80. You can block these applications on other ports by using the L4
Traffic Monitor.
Use the Web Security Manager > Access Policies page to manage access and monitoring for
these types of applications on a more granular (per policy) level. Use the L4 Traffic Monitor to
manage access and monitoring on a more global basis.
these types of applications on a more granular (per policy) level. Use the L4 Traffic Monitor to
manage access and monitoring on a more global basis.
Blocking on Port 80
To block access to these types of applications where port 80 is used, you can use the Web
Security Manager > Access Policies page. The Access Policies page provides several methods
for blocking access. You can block access by clicking on any of the following columns for a
particular policy group:
Security Manager > Access Policies page. The Access Policies page provides several methods
for blocking access. You can block access by clicking on any of the following columns for a
particular policy group:
• Applications
• URL Categories
• Objects
You can block access to predefined URL categories such as Chat and Peer-to-Peer, or create
your own custom URL categories. You can block specific applications based on their “agent
patterns” or signatures.
your own custom URL categories. You can block specific applications based on their “agent
patterns” or signatures.
You can apply some or all of these methods on various Access Policies by creating additional
Access Policy groups. For details on how to create additional Access Policy groups, see
“Creating Access Policies” on page 154.
Access Policy groups. For details on how to create additional Access Policy groups, see
“Creating Access Policies” on page 154.
Policy: Applications
You can create a rule that blocks a particular user agent based on its pattern using Regular
Expressions.
Expressions.
You block access to applications based on their agent pattern similarly for the different Access
Policies:
Policies:
• User defined policies — On the Web Security Manager > Access Policies page, click the
value in the Applications column for the desired policy. Choose Define Applications
Custom Settings.
Custom Settings.
• Global Policy — On the Web Security Manager > Access Policies page, click the value in
the Applications column for the Global Policy.