Cisco Cisco Web Security Appliance S160 Guía Del Usuario
4-3
AsyncOS 9.1 for Cisco Web Security Appliances User Guide
Chapter 4 Intercepting Web Requests
Web Proxy Options for Intercepting Web Requests
Web Proxy Options for Intercepting Web Requests
By itself, the Web Proxy can intercept web requests that use HTTP (including FTP over HTTP) and
HTTPS. Additional proxy modules are available to enhance protocol management:
HTTPS. Additional proxy modules are available to enhance protocol management:
•
HTTPS Proxy. The HTTPS proxy supports the decryption of HTTPS traffic and allows the web
proxy to pass unencrypted HTTPS requests on to policies for content analysis.
proxy to pass unencrypted HTTPS requests on to policies for content analysis.
Note
When in transparent mode, the Web Proxy drops all transparently redirected HTTPS requests if
the HTTPS proxy is not enabled. No log entries are created for dropped transparently redirected
HTTPS requests.
the HTTPS proxy is not enabled. No log entries are created for dropped transparently redirected
HTTPS requests.
Each of these additional proxies requires the Web Proxy in order to function.You cannot enable them if
you disable the Web Proxy.
you disable the Web Proxy.
Note
The Web proxy is enabled by default. All other proxies are disabled by default.
Configuring Web Proxy Settings
Before You Begin
•
Enable the web proxy.
Step 1
Choose Security Services > Web Proxy.
Step 2
Click Edit Settings.
Step 3
Configure the basic web proxy settings as required.
Property
Description
HTTP Ports to Proxy
The ports that the web Proxy will listen on for HTTP connections
Caching
Specifies whether to enable or disable Web Proxy caching.
The web proxy caches data to increase performance.
Proxy mode
•
Forward — Allow the client browser to name the internet target.
Requires individual configuration of each web browser to use the web
proxy. The web proxy can intercept only explicitly forwarded web
requests in this mode.
Requires individual configuration of each web browser to use the web
proxy. The web proxy can intercept only explicitly forwarded web
requests in this mode.
•
Transparent (Recommended) — Allow the web proxy to name the
internet target. The web proxy can intercept both transparent and
explicitly forwarded web requests in this mode.
internet target. The web proxy can intercept both transparent and
explicitly forwarded web requests in this mode.
IP Spoofing
•
IP Spoofing
disabled — The web proxy changes the request source IP
address to match its own address to increase security.
•
IP Spoofing
enabled — The web proxy retains the source address so
that it appears to originate from the source client rather than from the
Web Security appliance.