Cisco Cisco Web Security Appliance S160 Guía Del Usuario
10-5
Cisco IronPort AsyncOS 7.1 for Web User Guide
OL-23207-01
Chapter 10 Decryption Policies
Decryption Policies Overview
You also have the option to configure how much URI text is stored in the logs
using the
using the
advancedproxyconfig
CLI command and the
HTTPS
subcommand. You
can log the entire URI, or a partial form of the URI with the query portion
removed. However, even when you choose to strip the query from the URI,
personally identifiable information may still remain.
removed. However, even when you choose to strip the query from the URI,
personally identifiable information may still remain.
Understanding the Monitor Action
When the Web Proxy evaluates the control settings against a transaction, it
evaluates the settings in a particular order. Each control setting can be configured
to one of the following actions for Decryption Policies:
evaluates the settings in a particular order. Each control setting can be configured
to one of the following actions for Decryption Policies:
•
Monitor
•
Drop
•
Pass through
•
Decrypt
All actions except Monitor are final actions the Web Proxy applies to a
transaction. A final action is an action that causes the Web Proxy to stop
evaluating the transaction against other control settings.
transaction. A final action is an action that causes the Web Proxy to stop
evaluating the transaction against other control settings.
Monitor is an intermediary action that indicates the Web Proxy should continue
evaluating the transaction against the other control settings to determine which
final action to ultimately apply.
evaluating the transaction against the other control settings to determine which
final action to ultimately apply.
For example, if a Decryption Policy is configured to monitor invalid server
certificates, the Web Proxy makes no final decision on how to handle the HTTPS
transaction if the server has an invalid certificate. If a Decryption Policy is
configured to block servers with a low web reputation score, then any request to
a server with a low reputation score is dropped without considering the URL
category actions.
certificates, the Web Proxy makes no final decision on how to handle the HTTPS
transaction if the server has an invalid certificate. If a Decryption Policy is
configured to block servers with a low web reputation score, then any request to
a server with a low reputation score is dropped without considering the URL
category actions.
shows the order the Web Proxy uses when evaluating
control settings for Decryption Policies. Looking at the flow diagram, you can see
that the only actions applied to a transaction are the final actions listed above:
Drop, Pass Through, and Decrypt.
that the only actions applied to a transaction are the final actions listed above:
Drop, Pass Through, and Decrypt.
Note
shows the order the Web Proxy uses when evaluating
control settings for Access Policies.