Cisco Cisco Web Security Appliance S690 Guida Utente

By itself, the Web Proxy can intercept web requests that use HTTP (including FTP over HTTP) and 
HTTPS. Additional proxy modules are available to enhance protocol management:

HTTPS Proxy. The HTTPS proxy supports the decryption of HTTPS traffic and allows the web
proxy to pass unencrypted HTTPS requests on to policies for content analysis.

When in transparent mode, the Web Proxy drops all transparently redirected HTTPS requests if 
the HTTPS proxy is not enabled. No log entries are created for dropped transparently redirected 
HTTPS requests.

Each of these additional proxies requires the Web Proxy in order to function.You cannot enable them if 
you disable the Web Proxy.

The Web proxy is enabled by default. All other proxies are disabled by default.

Enable the web proxy.

Choose Security Services > Web Proxy.

Click Edit Settings.

Configure the basic web proxy settings as required.

HTTP Ports to Proxy

The ports that the web Proxy will listen on for HTTP connections 

Caching

Specifies whether to enable or disable Web Proxy caching. 

The web proxy caches data to increase performance.

Proxy mode

Forward — Allow the client browser to name the internet target.
Requires individual configuration of each web browser to use the web
proxy. The web proxy can intercept only explicitly forwarded web
requests in this mode.

Transparent (Recommended) — Allow the web proxy to name the
internet target. The web proxy can intercept both transparent and
explicitly forwarded web requests in this mode.

IP Spoofing

disabled — The web proxy changes the request source IP 

address to match its own address to increase security.

enabled — The web proxy retains the source address so 

that it appears to originate from the source client rather than from the

 

Web Security appliance.