Cisco Cisco Web Security Appliance S160 Guía Del Usuario
15-3
AsyncOS 8.8 for Cisco Web Security Appliances User Guide
Chapter 15 Managing Access to Web Applications
Policy Application Control Settings
User Experience with Blocked Requests
When the AVC engine blocks a transaction, the Web Proxy sends a block page to the end user. However,
not all Websites display the block page to the end user; many Websites display dynamic content using
JavaScript instead of a static Webpage and are not likely to display the block page. Users are still properly
blocked from downloading malicious data, but they may not always be informed of this by the Website.
not all Websites display the block page to the end user; many Websites display dynamic content using
JavaScript instead of a static Webpage and are not likely to display the block page. Users are still properly
blocked from downloading malicious data, but they may not always be informed of this by the Website.
Policy Application Control Settings
Controlling applications involves configuring the following elements:
You can configure application control settings in Access Policy groups. On the Web Security Manager
> Access Policies page, click the Applications link for the policy group you want to configure. When
configuring applications, you can choose the following actions:
> Access Policies page, click the Applications link for the policy group you want to configure. When
configuring applications, you can choose the following actions:
Related topics
•
Rules and Guidelines
Consider the following rules and guidelines when configuring application control settings:
•
The supported Application Types, applications, and application behaviors may change between
AsyncOS for Web upgrades, or after AVC engine updates.
AsyncOS for Web upgrades, or after AVC engine updates.
Option
Description
Application Types
A category that contains one or more applications.
Applications
Particular applications within an Application Type.
Application behaviors
Particular actions or behaviors that users can do within an application
that administrators can control. Not all applications include behaviors
you can configure.
that administrators can control. Not all applications include behaviors
you can configure.
Option
Description
Block
This action is a final action. Users are prevented from viewing a webpage and
instead an end-user notification page displays
instead an end-user notification page displays
Monitor
This action is an intermediary action. The Web Proxy continues comparing the
transaction to the other control settings to determine which final action to apply
transaction to the other control settings to determine which final action to apply
Restrict
This action indicates that an application behavior is blocked. For example, when
you block file transfers for a particular instant messaging application, the action
for that application is Restrict.
you block file transfers for a particular instant messaging application, the action
for that application is Restrict.
Bandwidth Limit
For certain applications, such as Media and Facebook, you can limit the
bandwidth available for Web traffic. You can limit bandwidth for the application
itself, and for its users.
bandwidth available for Web traffic. You can limit bandwidth for the application
itself, and for its users.