Cisco Cisco Web Security Appliance S690 Guida Utente

Would you like to permit 
tunneling of non-http 
requests on http ports?

Yes, No

(Boolean)

Yes

No

Choose whether or not to allow 
non-HTTP traffic on ports the Web 
Proxy is configured to monitor, such 
as port 80. This option applies when 
the Web Proxy is in transparent 
mode.

Enabling this option blocks 
applications that attempt to tunnel 
non-HTTP traffic on ports typically 
used for HTTP traffic.

When a transaction is 
blocked due to this setting, 
the ACL decision tag for the 
transaction is logged as 
BLOCK_ADMIN_TUNNEL
ING.

Would you like to block 
tunneling of non-SSL 
transactions on SSL 
Ports?

Yes, No

(Boolean)

No

No

Choose whether or not the Web 
Proxy should block non-SSL traffic 
on SSL ports. 

By default (when this feature is 
disabled), when a client seeks to 
connect to server on a configured 
SSL port and the SSL handshake 
with the server fails, the Web Proxy 
tunnels the transaction. 

Would you like proxy to 
log values from 
X-Forwarded-For 
headers in place of 
incoming connection IP 
addresses?

Yes, No

(Boolean)

No

No

Choose whether or not the access 
logs should include the 
X-Forwarded-For header value 
instead of the IP address of the 
incoming connection.