Cisco Cisco Web Security Appliance S690 Guida Utente

3-4

Cisco AsyncOS for Web User Guide

Chapter 3 Connect, Install, and Configure

Connecting the Appliance

Step 3

(Optional) To monitor Layer-4 traffic, connect the Appliance to a TAP, switch, or hub after the proxy
ports and before any device that performs network address translation (NAT) on client IP addresses:

Step 4

Connect external proxies upstream of the appliance to allow the external proxies to receive data from the
appliance.

Next Step

•

Gathering Setup Information, page 3-5

Related Topics

•

Enabling or Changing Network Interfaces, page 3-16

•

Using the P2 Data Interface for Web Proxy Data, page 3-17

•

Adding and Editing a WCCP Service, page 3-21

•

Configuring Transparent Redirection, page 3-20

•

Upstream Proxies, page 3-13

Ethernet Port

Notes

T1/T2

To allow Layer-4 Traffic Monitor blocking, put Layer 4Traffic Monitor on the same
network as the Web Security appliance.

Recommended configuration:

Device: Network TAP:

•

Connect T1 to network TAP to receive outbound client traffic.

•

Connect T2 to network TAP to receive inbound internet traffic.

Other options:

Device: Network TAP:

•

Use duplex cable on T1 to receive inbound and outbound traffic.

Device: Spanned or mirrored port on a switch

•

Connect T1 to receive outbound client traffic and connect T2 to receive inbound
internet traffic.

•

(Less preferred) Connect T1 using a half or full duplex cable to receive both
inbound and outbound traffic.

Device: Hub:

•

(Least preferred) Connect T1 using a duplex cable to receive both inbound and
outbound traffic.

The appliance listens to traffic on all TCP ports on these interfaces.