Cisco Cisco Web Security Appliance S670 ユーザーガイド
17-19
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 17 URL Filters
Redirecting Traffic
describes the safe browsing scanning verdict values.
For more information on logging, see
Requests blocked due to either the safe search or site content rating features, use one of the following
ACL decision tags in the access logs:
ACL decision tags in the access logs:
•
BLOCK_SEARCH_UNSAFE
•
BLOCK_CONTENT_UNSAFE
•
BLOCK_UNSUPPORTED_SEARCH_APP
•
BLOCK_CONTINUE_CONTENT_UNSAFE
For more information on the ACL decision tags, see
Redirecting Traffic
In addition to using the Web Security appliance to monitor and block traffic to certain websites, you can
also use it to redirect users to a different website. You can configure the appliance to redirect traffic
originally destined for a URL in a custom URL category to a location you specify. This allows you to
redirect traffic at the appliance instead of at the destination server.
also use it to redirect users to a different website. You can configure the appliance to redirect traffic
originally destined for a URL in a custom URL category to a location you specify. This allows you to
redirect traffic at the appliance instead of at the destination server.
You might want to redirect traffic at the appliance if your organization published the links to an internal
site, but the location of the site changed since publication, or if you do not have control over the web
server.
site, but the location of the site changed since publication, or if you do not have control over the web
server.
Configure the appliance to redirect custom URL categories to another location when you configure the
URL categories for an Access Policy group. You can redirect traffic for a custom Access Policy group
or the Global Policy Group.
URL categories for an Access Policy group. You can redirect traffic for a custom Access Policy group
or the Global Policy Group.
To redirect traffic, you must define at least one custom URL category. For more information about
creating custom URL categories, see
creating custom URL categories, see
Note
Beware of infinite loops when you configure the appliance to redirect traffic. For example, if you redirect
traffic destined for http://A.example.com to http://B.example.com and you also inadvertently redirect
traffic destined for http://B.example.com to http://A.example.com, then you create an infinite loop. In
this case, the appliance redirects the traffic back and forth between the two URLs indefinitely.
traffic destined for http://A.example.com to http://B.example.com and you also inadvertently redirect
traffic destined for http://B.example.com to http://A.example.com, then you create an infinite loop. In
this case, the appliance redirects the traffic back and forth between the two URLs indefinitely.
Table 17-7
Safe Browsing Scanning Verdict Values
Value
Description
ensrch
The original client request was unsafe and the safe search feature was applied.
encrt
The original client request was unsafe and the site content ratings feature was applied.
unsupp
The original client request was to an unsupported search engine.
err
The original client request was unsafe, but neither the safe search nor the site content
ratings feature could be applied due to an error.
ratings feature could be applied due to an error.
-
Neither the safe search nor the site content ratings feature was applied to the client request
because the features were bypassed (for example, the transaction was allowed in a custom
URL category) or the request was made from an unsupported application.
because the features were bypassed (for example, the transaction was allowed in a custom
URL category) or the request was made from an unsupported application.