Cisco Cisco Web Security Appliance S670
62
I R O N P O R T A S Y N C O S 6 . 3 . 7 F O R W E B R E L E A S E N O T E S
• The user enters valid Basic authentication credentials.
In this case, the Basic authentication credentials fail against the NTLM authentication realm.
The Web Proxy treats the user as someone who has failed authentication and grants the user
guest access as configured in the identity and access policy groups. The Web Proxy does not
prompt the user to enter NTLM credentials.
The Web Proxy treats the user as someone who has failed authentication and grants the user
guest access as configured in the identity and access policy groups. The Web Proxy does not
prompt the user to enter NTLM credentials.
Workaround: Configure the identity group to use NTLMSSP only or Basic only. [Defect ID:
46430]
46430]
IronPort data security policies do not block very large files in some cases
IronPort data security policies configured to block files based on file size do not block very
large files, such as greater than 30 MB.
large files, such as greater than 30 MB.
Workaround: Contact Customer Support to change the value of an internal setting. [Defect ID:
47184]
47184]
Policy trace feature does not display a web reputation score when authentication is
enabled
enabled
The policy trace feature does not display a web reputation score when authentication is
enabled. [Defect ID: 44031]
enabled. [Defect ID: 44031]
Firefox version 3 does not display websites with embedded links correctly with
decryption enabled in some cases
decryption enabled in some cases
When Firefox version 3 explicitly forwards an HTTPS request, it does not display the website
correctly when decryption is enabled and the website contains embedded links. This is due to
stricter certificate trust changes in Firefox version 3.
correctly when decryption is enabled and the website contains embedded links. This is due to
stricter certificate trust changes in Firefox version 3.
Workaround: Install the Web Security appliance root certificate as a trusted authority on all
instances of Firefox 3. [Defect ID: 44071]
instances of Firefox 3. [Defect ID: 44071]
Internet Explorer prompts for authentication multiple times when viewing files with
multiple links in some cases
multiple links in some cases
Internet Explorer prompts for authentication multiple times under the following
circumstances:
circumstances:
• The Surrogate Timeout global authentication setting is configured, and the Surrogate Type
is set to cookie. (In explicit forward mode, you can configure the surrogate timeout when
you enable secure client authentication or from the
you enable secure client authentication or from the
advancedproxyconfig >
authentication
CLI command.)
• A user views a file that includes links to objects coming from multiple domains.
• The surrogate used to store the authentication credentials has expired.
Workaround: Enter the user name and password each time, or use Firefox. [Defect ID: 44089]