Cisco Cisco Web Security Appliance S660 Guida Utente
9-7
AsyncOS 8.5 for Cisco Web Security Appliances User Guide
Chapter 9 Create Policies to Control Internet Requests
Policies
Step 8
Configure the policy to manage web requests:
a.
Review the actions available to apply to specific types of content.
b.
Specify the action to take for each type of content.
•
(Optional) Apply specific actions to requests for Protocols and Client Applications:
•
(Optional) Apply specific actions to requests for URL Categories:
Action
Description
Use Global
Setting
Setting
Uses the action for this category in the Global Policy. This is the default action for user
defined policies. Applies to user defined policies only.
defined policies. Applies to user defined policies only.
Block
The Web Proxy stops transactions that match this setting.
Redirect
Redirects traffic originally destined for a URL in this category to a location you specify.
When you choose this action, the Redirect To field appears. Enter a URL to which to
redirect all traffic.
When you choose this action, the Redirect To field appears. Enter a URL to which to
redirect all traffic.
Allow
Always allows client requests for web sites in this category. Allowed requests bypass all
further filtering and malware scanning.
further filtering and malware scanning.
Monitor
The Web Proxy neither allows nor blocks the request. Instead, it continues to evaluate the
client request against other policy group control settings, such as web reputation
filtering.
client request against other policy group control settings, such as web reputation
filtering.
Warn
The Web Proxy initially blocks the request and displays a warning page, but allows the
user to continue by clicking a hypertext link in the warning page.
user to continue by clicking a hypertext link in the warning page.
Time-Based The Web Proxy blocks or monitors the request during the time ranges you specify.
Option
Additional Steps
Use Global Policy
Setting
Setting
—
Define Custom
Settings
Settings
1.
Click to Block FTP over HTTP, HTTP or Native FTP
2.
Define HTTP Connect Ports (enables applications to tunnel outbound traffic
over HTTP). Leave blank to block all ports.
over HTTP). Leave blank to block all ports.
3.
Block Custom Client Applications (for example; Firefox, MSN, Skype)
Disable Settings for
this Policy
this Policy
Do not use protocol, HTTP connection ports, or client application to block
requests.
requests.
Option
Additional Steps
Custom URL Category
Filtering
Filtering
1.
Click Select Custom Categories.
2.
Choose which custom URL categories to include/exclude in this policy
and click Apply.
and click Apply.
3.
Select the action to apply to the included categories.
4.
Submit.
Predefined URL
Category Filtering
Category Filtering
1.
Select the action to apply to the predefined URL categories.
2.
Submit.