Cisco Cisco Web Security Appliance S660
I R O N P O R T A S Y N C O S 6 . 3 . 7 F O R W E B R E L E A S E N O T E S
7
was enabled. Authentication surrogates allow you to associate transactions with a user either
by IP address or cookie after the user has been authenticated successfully.
by IP address or cookie after the user has been authenticated successfully.
In AsyncOS for Web 6.0, you can configure authentication surrogates for both transparent
and explicit forward deployments whether or not credential encryption is enabled.
and explicit forward deployments whether or not credential encryption is enabled.
For more information, see the “Configuring Global Authentication Settings” section in the
“Authentication” chapter of the IronPort AsyncOS for Web User Guide. You can view this
chapter in the PDF or the online help.
“Authentication” chapter of the IronPort AsyncOS for Web User Guide. You can view this
chapter in the PDF or the online help.
LDAP User Attribute Based Group Authorization
AsyncOS for Web 6.0 supports LDAP schema which stores user group memberships in group
objects or user objects. In previous versions, AsyncOS for Web only supports LDAP schema
which stores user group memberships in group object.
objects or user objects. In previous versions, AsyncOS for Web only supports LDAP schema
which stores user group memberships in group object.
For more information, see the “LDAP Group Authorization” section in the “Authentication”
chapter of the IronPort AsyncOS for Web User Guide. You can view this chapter in the PDF or
the online help.
chapter of the IronPort AsyncOS for Web User Guide. You can view this chapter in the PDF or
the online help.
Enhanced: Logging
AsyncOS 6.0 for Web includes several changes and enhancements to Web Security appliance
logging to help you troubleshoot issues more easily.
logging to help you troubleshoot issues more easily.
W3C Standard Extended Log File Format Access Logs
In AsyncOS for Web 6.0, the Web Security appliance supports the W3C standard extended
log file format (ELFF) for access log information. The W3C access log subscriptions record
Web Proxy transaction history in a format that is readable by generic analysis tools. The
extended log file format is self-describing, so your analysis tool can read the log fields in use
and present them in an understandable format.
log file format (ELFF) for access log information. The W3C access log subscriptions record
Web Proxy transaction history in a format that is readable by generic analysis tools. The
extended log file format is self-describing, so your analysis tool can read the log fields in use
and present them in an understandable format.
You can create multiple W3C access log subscriptions and define the data to include in each.
You might want to create one W3C access log that includes all information your organization
typically needs, and other, specialized W3C access logs that can be used for troubleshooting
purposes or special analysis. For example, you might want to create a W3C access log for an
HR manager that only needs access to certain information.
You might want to create one W3C access log that includes all information your organization
typically needs, and other, specialized W3C access logs that can be used for troubleshooting
purposes or special analysis. For example, you might want to create a W3C access log for an
HR manager that only needs access to certain information.
For more information, see the “W3C Compliant Access Logs” section in the “Logging” chapter
of the IronPort AsyncOS for Web User Guide. You can view this chapter in the PDF or the
online help.
of the IronPort AsyncOS for Web User Guide. You can view this chapter in the PDF or the
online help.
Enhanced HTTPS Logging
AsyncOS for Web 6.0 includes enhanced logging of HTTPS transaction for easier
troubleshooting. To view more HTTPS transaction details, increase the HTTPS log level detail
to either Debug or Trace. With this feature, the HTTPS logs show various SSL handshake
phases, such as establishing capabilities, server authentication and key exchange, client key
exchange, and finalizing of the SSL handshake. Additionally, session information like server
certificate, client certificate, certificate chain, key size, cipher used, and certificate
verification message is also logged.
troubleshooting. To view more HTTPS transaction details, increase the HTTPS log level detail
to either Debug or Trace. With this feature, the HTTPS logs show various SSL handshake
phases, such as establishing capabilities, server authentication and key exchange, client key
exchange, and finalizing of the SSL handshake. Additionally, session information like server
certificate, client certificate, certificate chain, key size, cipher used, and certificate
verification message is also logged.