Cisco Cisco Web Security Appliance S190 Guía Del Usuario
6-3
Cisco IronPort AsyncOS 7.1 for Web User Guide
OL-23207-01
Chapter 6 Working with Policies
Policy Types
Policy Types
The Web Security appliance uses multiple types of policies to enforce
organizational policies and requirements.
organizational policies and requirements.
•
Identities. “Who are you?”
•
Decryption Policies. “To decrypt or not to decrypt?”
•
Routing Policies. “From where to fetch content?”
•
Access Policies. “To allow or block the transaction?”
•
IronPort Data Security Policies. “To block the upload of data?” IronPort
Data Security Policies actions are defined on the Web Security appliance.
Data Security Policies actions are defined on the Web Security appliance.
•
External DLP (data loss prevention) Policies. “To block the upload of
data?” External DLP Policies actions are defined on an external DLP
appliance.
data?” External DLP Policies actions are defined on an external DLP
appliance.
•
Outbound Malware Scanning Policies. “To block the upload of malicious
data?”
data?”
•
SaaS Application Authentication Policies. “To allow this user access to the
SaaS application?”
SaaS application?”
You use the policies together to create the behavior you need or expect when
clients access the web.
clients access the web.
To define policies, you create policy groups. After you create policy groups, you
can define the control settings for each group. For more information about
working with policy groups, see
can define the control settings for each group. For more information about
working with policy groups, see
All policy types have a global policy group that maintains default settings and
rules that apply to web transactions not covered by another policy. For more
information on global policies, see
rules that apply to web transactions not covered by another policy. For more
information on global policies, see
.
Identities
An Identity is a policy that identifies the user making a request. This is the only
policy where you can define whether or not authentication is required. An Identity
addresses the question, “who are you?” However, Identities do not specify a list
of users who are authorized to access the web. You specify authorized users in the
other policy types after you specify the Identity to use.
policy where you can define whether or not authentication is required. An Identity
addresses the question, “who are you?” However, Identities do not specify a list
of users who are authorized to access the web. You specify authorized users in the
other policy types after you specify the Identity to use.