Cisco Cisco Web Security Appliance S380 Guía Del Usuario
6-5
AsyncOS 9.2 for Cisco Web Security Appliances User Guide
Chapter 6 Classify End-Users and Client Software
Classifying Users and Client Software
Step 8
In the Membership Definition section, supply membership parameters appropriate to the chosen
identification method. Note that all of the options described in this table are not available to every User
Identification Method.
identification method. Note that all of the options described in this table are not available to every User
Identification Method.
Authentication Surrogates
Specify how transactions will be associated with a user after successful
authentication (options vary depending on Web Proxy deployment mode):
authentication (options vary depending on Web Proxy deployment mode):
•
IP Address – The Web Proxy tracks an authenticated user at a
particular IP address. For transparent user identification, select
this option.
particular IP address. For transparent user identification, select
this option.
•
Persistent Cookie – The Web Proxy tracks an authenticated user on a
particular application by generating a persistent cookie for each user
per application. Closing the application does not remove the cookie.
particular application by generating a persistent cookie for each user
per application. Closing the application does not remove the cookie.
•
Session Cookie – The Web Proxy tracks an authenticated user on a
particular application by generating a session cookie for each user per
domain per application. (However, when a user provides different
credentials for the same domain from the same application, the cookie
is overwritten.) Closing the application removes the cookie.
particular application by generating a session cookie for each user per
domain per application. (However, when a user provides different
credentials for the same domain from the same application, the cookie
is overwritten.) Closing the application removes the cookie.
•
Apply same surrogate settings to explicit forward requests – Check
to apply the surrogate used for transparent requests to explicit
requests; enables credential encryption automatically. This option
appears only when the Web Proxy is deployed in transparent mode.
to apply the surrogate used for transparent requests to explicit
requests; enables credential encryption automatically. This option
appears only when the Web Proxy is deployed in transparent mode.
Note
You can define a timeout valve for the authentication surrogate
for all requests in Global Authentication Settings.
for all requests in Global Authentication Settings.
Membership Definition
Define Members by Subnet
Enter the addresses to which this Identification Profile should apply. You
can use IP addresses, CIDR blocks, and subnets.
can use IP addresses, CIDR blocks, and subnets.
Note
If nothing is entered, the Identification Profile applies to all
IP addresses.
IP addresses.