Cisco Cisco Web Security Appliance S170 사용자 가이드
14-4
Cisco IronPort AsyncOS 7.7.5 for Web User Guide
Chapter 14 Achieving Secure Mobility
Logging
Logging
The access logs indicate whether each transaction was made by a local or remote user. You can also add
the same custom format specifier (%l) to the existing access logs, or you can add the equivalent W3C
field (auth-user-type) to the W3C access logs.
the same custom format specifier (%l) to the existing access logs, or you can add the equivalent W3C
field (auth-user-type) to the W3C access logs.
In addition to the access logs, the Web Security appliance provides the following logs for
troubleshooting potential Secure Mobility issues.
troubleshooting potential Secure Mobility issues.
•
User Discovery Service (UDS) log. The UDS log records data about how the Web Proxy discovers
the user name without doing actual authentication. It includes information about interacting with the
Cisco adaptive security appliance for Secure Mobility as well as integrating with the Novell
eDirectory server for transparent user identification.
the user name without doing actual authentication. It includes information about interacting with the
Cisco adaptive security appliance for Secure Mobility as well as integrating with the Novell
eDirectory server for transparent user identification.
•
AnyConnect Secure Mobility Daemon log. The AnyConnect Secure Mobility Daemon log records
the interaction between the Web Security appliance and the AnyConnect client, including the status
check.
the interaction between the Web Security appliance and the AnyConnect client, including the status
check.
Configuring Secure Mobility Using the CLI
describes the CLI commands you can use to configure and monitor Secure Mobility.
Table 14-1
Secure Mobility CLI Commands
Command
Description
musconfig
Use this command to enable Secure Mobility and configure how to identify remote
users, either by IP address or by integrating with one or more Cisco adaptive security
appliances.
users, either by IP address or by integrating with one or more Cisco adaptive security
appliances.
Note: Changes made using this command cause the Web Proxy to restart.
For more information on enabling and configuring Secure Mobility, see
.
musstatus
Use this command to display information related to Secure Mobility when the Web
Security appliance is integrated with an adaptive security appliance.
Security appliance is integrated with an adaptive security appliance.
This command displays the following information:
•
The status of the Web Security appliance connection with each adaptive security
appliance.
appliance.
•
The duration of the Web Security appliance connection with each adaptive
security appliance in minutes.
security appliance in minutes.
•
The number of remote clients from each adaptive security appliance.
•
The number of remote clients being serviced, which is defined as the number of
remote clients that have passed traffic through the Web Security appliance.
remote clients that have passed traffic through the Web Security appliance.
•
The total number of remote clients.