Cisco Cisco Web Security Appliance S670 ユーザーガイド

In this task, you will make sure the Web Proxy does not authenticate requests from particular user agents 
on the network. You might want to do this to for user agents that cannot prompt end users for their 
authentication credentials. In particular, this task will bypass authentication for all applications that 
access the Web on the iPhone, iPad, and iPod.

This task assumes one or more authentication realms are already defined on the Web Security appliance.

Navigate to the Web Security Manager > Identities page.

Click Add Identity.

In the Name field, enter a name for this policy, such as 

.

In the Insert Above field, verify this Identity is above all other Identities that require authentication.

Under Membership Definition, click Advanced to expand the advanced policy options.

Click the link next to User Agents.

On the Identities: Policy “UserAgentsToBypass”: Membership by User Agent page, in the Common 
User Agents section, click Others to expand the other user agents.

Select the Microsoft Windows Update check box.

In the Customer User Agents field, enter the following entries:

iPhone

 

iPad

 

iPod

 

Click Done. 

Click Submit.

Navigate to the Web Security Manager > Access Policies page.

Click Add Policy.

In the Policy Name field, enter a name for this policy, such as 

.

In the Identities and Users field, choose “Select One or More Identities.”

In the Identity field, select the Identity created in 

Submit and Commit your changes.

When an application on the iPhone, iPad, or iPod tries to access the Web, it succeeds and does not prompt 
users for their username and password.

You can add the %u custom field to the access logs to see which user agents try to access the Web.

You can read the following sections for more detailed information on the steps included in this task: