Cisco Cisco Web Security Appliance S670 ユーザーガイド

When you block Microsoft Office files in the Block Object Type section, it is possible that some 
Microsoft Office files will not be blocked. 

If you need to block all Microsoft Office files, add 

 in the Block Custom MIME 

Types field. However, blocking this custom MIME type also blocks all Microsoft Compound Object 
format types, such as Visio files and some third-party applications. 

When you configure the Web Security appliance to block DOS executable object types, the appliance 
also blocks updates for Windows OneCare. 

Disabling an Identification Profile removes it from associated policies. Verify that the Identification 
Profile is enabled and then add it to the policy again.

If multiple Identification Profiles have identical criteria, AsyncOS assigns the transactions to the first 
Identification Profile that matches. Therefore, transactions never match the additional, identical 
Identification Profiles, and any policies that apply to those subsequent, identical Identification Profiles 
are never matched or applied.

Configure the appliance to use IP addresses as the surrogate when credential encryption is enabled.

When credential encryption is enabled and configured to use cookies as the surrogate type, 
authentication does not work with HTTPS or FTP over HTTP requests. This is because the Web Proxy 
redirects clients to the Web Proxy itself for authentication using an HTTPS connection if credential