Cisco Cisco Web Security Appliance S160 Guía Del Usuario
22-23
AsyncOS 10.0 for Cisco Web Security Appliances User Guide
Chapter 22 Perform System Administration Tasks
SSL Configuration
•
Setting the Time Zone
Step 1
Choose System Administration > Time Zone.
Step 2
Click Edit Settings.
Step 3
Select your region, country, and time zone or select the GMT offset.
Step 4
Submit and commit the changes.
Synchronizing the System Clock with an NTP Server
Cisco recommends that you set your Web Security appliance to track the current date and time by
querying a Network Time Protocol (NTP) server, not by manually setting the time on the appliance. This
is especially true if your appliance integrates with other devices. All integrated devices should use the
same NTP server.
querying a Network Time Protocol (NTP) server, not by manually setting the time on the appliance. This
is especially true if your appliance integrates with other devices. All integrated devices should use the
same NTP server.
Step 1
Choose System Administration > Time Settings.
Step 2
Click Edit Settings.
Step 3
Select Use Network Time Protocol as the Time Keeping Method.
Step 4
Enter the fully qualified hostname or IP address of the NTP server, clicking Add Row as needed to add
servers.
servers.
Step 5
(Optional) Choose the routing table associated with an appliance network interface type, either
Management or Data, to use for NTP queries. This is the IP address from which NTP queries should
originate.
Management or Data, to use for NTP queries. This is the IP address from which NTP queries should
originate.
Note
This option is only editable if the appliance is using split routing for data and management
traffic.
traffic.
Step 6
Submit and commit your changes.
SSL Configuration
For enhanced security, you can enable and disable SSL v3 and various versions of TLS for several
services. Disabling SSL v3 for all services is recommended for best security. By default, all versions of
TLS are enabled, and SSL is disabled.
services. Disabling SSL v3 for all services is recommended for best security. By default, all versions of
TLS are enabled, and SSL is disabled.
Note
You also can use the
sslconfig
CLI command to enable or disable these features. See