Cisco Cisco Web Security Appliance S170 사용자 가이드
7-10
Cisco IronPort AsyncOS 7.7.5 for Web User Guide
Chapter 7 Policies
Working with User Agent Based Policies
Step 3
In the Time Range Name field, enter a unique, descriptive name.
Step 4
In the Time Zone section, choose whether to use the time zone setting on the Web Security appliance or
a different time zone setting you configure.
a different time zone setting you configure.
Step 5
In the Time Values section, define at least one row that specifies the days of the week and time of day to
include in this time range.
include in this time range.
a.
In the Day of the Week section, select at least one day.
b.
In the Time of Day section, choose All Day or enter a time range in the day using the From and To
fields.
fields.
Each time range includes the start time and excludes the end time. For example, entering 8:00
through 17:00 matches 8:00:00 through 16:59:59, but not 17:00:00.
through 17:00 matches 8:00:00 through 16:59:59, but not 17:00:00.
Midnight must be specified as 00:00 for a start time, and as 24:00 for an end time.
Note
A transaction must occur on the day and in the time specified to match a row in the Time Values
section. That means the Day of Week and Time of Day values have an “AND” relationship with
each other within a single row.
section. That means the Day of Week and Time of Day values have an “AND” relationship with
each other within a single row.
Step 6
Optionally, you can create additional time value rows by clicking Add Row.
Note
When a time range includes multiple time value rows, a transaction can occur within any of the
defined time values to match the time range. That means that multiple time value rows in a single
time range have an “OR” relationship with each other.
defined time values to match the time range. That means that multiple time value rows in a single
time range have an “OR” relationship with each other.
Step 7
Submit and commit your changes.
Working with User Agent Based Policies
The Web Security appliance provides the means to create policies to define access to the web by the
client application (user agent), such as a web browser, making the client request. You can define policy
group membership based on user agents, and you can specify control settings based on user agents.
client application (user agent), such as a web browser, making the client request. You can define policy
group membership based on user agents, and you can specify control settings based on user agents.
You might want to specify user agents to accomplish the following tasks:
•
You can exempt certain user agents from authentication. You might want to do this for client
applications that cannot handle prompting users for authentication credentials. For more
information about how to do this, see
applications that cannot handle prompting users for authentication credentials. For more
information about how to do this, see
.
•
You can block access from particular user agents that you define.
You can configure user agents in the following locations:
•
Policy group membership for all policy types, including Identities.
•
Application control settings for Access Policies.
Note
When the appliance is deployed in transparent mode, user agent information is not available for
Decryption Policies.
Decryption Policies.