Cisco Cisco Web Security Appliance S170 사용자 가이드
U N D E R S T A N D I N G T H E M O N I T O R A C T I O N
C H A P T E R 9 : A C C E S S P O L I C I E S
171
Note — The preceding actions are final actions that the Web Proxy takes on a client request.
The Monitor action that you can configure for Access Policies is not a final action. For more
information, see “Understanding the Monitor Action” on page 171.
The Monitor action that you can configure for Access Policies is not a final action. For more
information, see “Understanding the Monitor Action” on page 171.
After the Web Proxy assigns an Access Policy group to an HTTP or decrypted HTTPS request,
it compares the request to the policy group’s configured control settings to determine which
action to apply. You can configure multiple security components to determine how to handle
HTTP and decrypted HTTPS requests for a particular policy group. For more information
about the security components that you can configure and how the Web Proxy uses Access
Policy groups to control HTTP traffic, see “Controlling HTTP and Native FTP Traffic” on
page 177.
it compares the request to the policy group’s configured control settings to determine which
action to apply. You can configure multiple security components to determine how to handle
HTTP and decrypted HTTPS requests for a particular policy group. For more information
about the security components that you can configure and how the Web Proxy uses Access
Policy groups to control HTTP traffic, see “Controlling HTTP and Native FTP Traffic” on
page 177.
Understanding the Monitor Action
When the Web Proxy compares a transaction to the control settings, it evaluates the settings
in order. Each control setting can be configured to perform one of the following actions for
Access Policies:
in order. Each control setting can be configured to perform one of the following actions for
Access Policies:
• Monitor
• Allow
• Block
• Redirect
All actions except Monitor are final actions that the Web Proxy applies to a transaction. A
final action is an action that causes the Web Proxy to stop comparing the transaction to the
rest of the control settings.
final action is an action that causes the Web Proxy to stop comparing the transaction to the
rest of the control settings.
The Monitor action is an intermediary action. The Web Proxy continues comparing the
transaction to the other control settings to determine which final action to apply.
transaction to the other control settings to determine which final action to apply.
For example, if an Access Policy is configured to monitor a suspect user agent, the Web Proxy
does not make a final determination about a request from the user agent. If an Access Policy is
configured to block a particular URL category, then any request to that URL category is
blocked before fetching the content from the server regardless of the server’s reputation score.
does not make a final determination about a request from the user agent. If an Access Policy is
configured to block a particular URL category, then any request to that URL category is
blocked before fetching the content from the server regardless of the server’s reputation score.
Note — When a control setting matches Monitor and the transaction is ultimately allowed,
the Web Proxy logs the monitored setting in the access logs. For example, when a URL
matches a monitored URL category, the Web Proxy logs the URL category in the access logs.
the Web Proxy logs the monitored setting in the access logs. For example, when a URL
matches a monitored URL category, the Web Proxy logs the URL category in the access logs.
Figure 9-3 on page 178 shows the order that the Web Proxy uses when evaluating control
settings for Access Policies. The flow diagram shows that the only actions applied to a
transaction are the final actions: Allow, Block, and Redirect.
settings for Access Policies. The flow diagram shows that the only actions applied to a
transaction are the final actions: Allow, Block, and Redirect.
Note — Figure 11-9 on page 229 shows the order the Web Proxy uses when evaluating
control settings for Decryption Policies and Figure 12-3 on page 246 shows the order when
evaluating control settings for IronPort Data Security Policies.
control settings for Decryption Policies and Figure 12-3 on page 246 shows the order when
evaluating control settings for IronPort Data Security Policies.