Cisco Cisco Web Security Appliance S190 Guía Del Usuario
A-13
AsyncOS 9.0.1 for Cisco Web Security Appliances User Guide
Appendix A Troubleshooting
Policy Problems
•
•
•
Access Policy not Configurable for HTTPS
(bugs 38046, 40843, 41282)
Note taken from pg 9-7 - Protocols and User Agents (after table) in Block, Allow, or Redirect
Transaction Requests ChapterOriginally in Chapter 7 Web Proxy
Transaction Requests ChapterOriginally in Chapter 7 Web Proxy
With the HTTPS Proxy is enabled, Decryption Policies handle all HTTPS policy decisions. You can no
longer define Access and Routing Policy group membership by HTTPS, nor can you configure Access
Policies to block HTTPS transactions.
longer define Access and Routing Policy group membership by HTTPS, nor can you configure Access
Policies to block HTTPS transactions.
If some Access and Routing Policy group memberships are defined by HTTPS and if some Access
Policies block HTTPS, then when you enable the HTTPS Proxy, those Access and Routing Policy groups
become disabled. You can choose to enable the policies at any time, but all HTTPS related configurations
are removed. (bugs 38046, 40843, 41282)
Policies block HTTPS, then when you enable the HTTPS Proxy, those Access and Routing Policy groups
become disabled. You can choose to enable the policies at any time, but all HTTPS related configurations
are removed. (bugs 38046, 40843, 41282)
Blocked Object Problems
•
•
Some Microsoft Office Files Not Blocked
When you block Microsoft Office files in the Block Object Type section, it is possible that some
Microsoft Office files will not be blocked.
Microsoft Office files will not be blocked.
If you need to block all Microsoft Office files, add
application/x-ole
in the Block Custom MIME
Types field. However, blocking this custom MIME type also blocks all Microsoft Compound Object
format types, such as Visio files and some third-party applications.
format types, such as Visio files and some third-party applications.
Blocking DOS Executable Object Types Blocks Updates for Windows OneCare
When you configure the Web Security appliance to block DOS executable object types, the appliance
also blocks updates for Windows OneCare.
also blocks updates for Windows OneCare.
Identification Profile Disappeared from Policy
Disabling an Identification Profile removes it from associated policies. Verify that the Identification
Profile is enabled and then add it to the policy again.
Profile is enabled and then add it to the policy again.