Cisco Cisco Web Security Appliance S690 Guida Utente

2-4

AsyncOS 8.5 for Cisco Web Security Appliances User Guide

Chapter 2 Connect, Install, and Configure

Gathering Setup Information

Step 3

(Optional) To monitor Layer-4 traffic, connect the Appliance to a TAP, switch, or hub after the proxy
ports and before any device that performs network address translation (NAT) on client IP addresses:

Step 4

Connect external proxies upstream of the appliance to allow the external proxies to receive data from the
appliance.

Next Step

•

Gathering Setup Information, page 2-4

Related Topics

•

Enabling or Changing Network Interfaces, page 2-15

•

Using the P2 Data Interface for Web Proxy Data, page 2-18

•

Adding and Editing a WCCP Service, page 2-21

•

Configuring Transparent Redirection, page 2-21

•

Upstream Proxies, page 2-12

Gathering Setup Information

You can use the worksheet below to record the configuration values you will need while running the
System Setup Wizard. For additional information about each property, see

System Setup Wizard

Reference Information, page 2-7

Ethernet Port

Notes

T1/T2

To allow Layer-4 Traffic Monitor blocking, put Layer 4Traffic Monitor on the same
network as the Web Security appliance.

Recommended configuration:

Device: Network TAP:

•

Connect T1 to network TAP to receive outbound client traffic.

•

Connect T2 to network TAP to receive inbound internet traffic.

Other options:

Device: Network TAP:

•

Use duplex cable on T1 to receive inbound and outbound traffic.

Device: Spanned or mirrored port on a switch

•

Connect T1 to receive outbound client traffic and connect T2 to receive inbound
internet traffic.

•

(Less preferred) Connect T1 using a half or full duplex cable to receive both
inbound and outbound traffic.

Device: Hub:

•

(Least preferred) Connect T1 using a duplex cable to receive both inbound and
outbound traffic.

The appliance listens to traffic on all TCP ports on these interfaces.