Cisco Cisco Web Security Appliance S670 Guida Utente

The Cloud Web Security Connector supports basic authentication and NTLM. You can also bypass 
authentication for certain destinations. With the exception of Kerberos, Authentication works the same 
throughout the Web Security Appliance, whether in standard configuration or Cloud Connector 
configuration. AsyncOS does not support Kerberos when the appliance is configured in Cloud Connector 
mode.

Identities based on User Agent or Destination URL are not supported for HTTPS traffic.

If the Web Security appliance is configured to provide guest access for unauthenticated users, in Cloud 
Connector mode, AsyncOS assigns guest users to the group, __GUEST_GROUP__, and sends that 
information to Cisco Cloud Web Security. Use Identities to provide guest access to unauthenticated 
users. Use Cisco Cloud Web Security policies to control these guest users. 

You can switch between Cloud Connector and Standard modes using the System Setup Wizard.

Switching to Cloud Connector Mode

Select System Administration>System Setup Wizard.

Accept the license agreement.

Select Cloud Web Security Connector in the Appliance Mode section.

Continue configuring the Cloud Connector as described later in this chapter.