Cisco Cisco Content Security Management Appliance M1070 Mode D'Emploi
12-20
Cisco IronPort AsyncOS 8.0 for Security Management User Guide
Chapter 12 Distributing Administrative Tasks
•
If you select Only Allow Specific Connections Directly or Through Proxy and
–
the value of the Origin IP header is not in the list of allowed IP addresses
OR
–
the value of the Origin IP header is not in the list of allowed IP Addresses and the IP address of
the proxy connected to the appliance is not in the list of allowed proxies.
the proxy connected to the appliance is not in the list of allowed proxies.
If you choose to continue without correcting the access list, AsyncOS will disconnect your machine or
proxy from the appliance when you commit your changes.
proxy from the appliance when you commit your changes.
Procedure
Step 1
Choose System Administration > Network Access.
Step 2
Click Edit Settings.
Step 3
Select the mode of control for the access list.
Step 4
Enter the IP addresses from which users will be allowed to connect to the appliance.
You can enter an IP address, IP address range or CIDR range. Use commas to separate multiple entries.
Step 5
If connecting through a proxy is allowed, enter the following information:
•
The IP addresses of the proxies allowed to connect to the appliance. Use commas to separate
multiple entries.
multiple entries.
•
The name of the origin IP header that the proxy sends to the appliance, which contains the IP
addresses of the remote user’s machine and the proxy servers that forwarded the request. By default,
the name of the header is
addresses of the remote user’s machine and the proxy servers that forwarded the request. By default,
the name of the header is
x-forwarded-for
.
Step 6
Submit and commit your changes.
Configuring the Web UI Session Timeout
You can specify how long a user can be logged into the Security Management appliance’s Web UI before
AsyncOS logs the user out due to inactivity. This Web UI session timeout applies to all users, including
admin, and it is used for both HTTP and HTTPS sessions.
AsyncOS logs the user out due to inactivity. This Web UI session timeout applies to all users, including
admin, and it is used for both HTTP and HTTPS sessions.
Once AsyncOS logs a user out, the appliance redirects the user’s web browser to login page.
Note
The Web UI Session Timeout does not apply to IronPort Spam Quarantine sessions, which have a 30
minute timeout that cannot be configured.
minute timeout that cannot be configured.
Procedure
Step 1
Use the System Administration > Network Access page.
Step 2
Click Edit Settings.
Step 3
Enter the number of minutes users can be inactive before being logged out. You can define a timeout
period between 5 and 1440 minutes.
period between 5 and 1440 minutes.