Cisco Cisco Web Security Appliance S170 사용자 가이드

C O N T R O L L I N G U P L O A D R E Q U E S T S U S I N G I R O N P O R T D A T A S E C U R I T Y P O L I C I E S

C H A P T E R 1 2 : D A T A S E C U R I T Y A N D E X T E R N A L D L P P O L I C I E S

245

C O N T R O L L I N G U P L O A D R E Q U E S T S U S I N G I R O N PO R T D A T A S E C U R I T Y
PO L I C I E S

Each upload request is assigned to a Data Security Policy group and inherits the control
settings of that policy group. The control settings of the Data Security Policy group determine
whether the appliance blocks the connection or evaluates it against the Access Polices.

Configure control settings for Data Security Policy groups on the Web Security Manager >
IronPort Data Security Policies page.

Figure 12-2 shows where you can configure control settings for the Data Security Policy
groups.

Figure 12-2 Creating Secure IronPort Data Security Policies

You can configure the following settings to determine what action to take on upload requests:

• URL Categories. For more information, see “URL Categories” on page 246.

• Web Reputation. For more information, see “Web Reputation” on page 247.

• Content. For more information, see “Content Blocking” on page 247.

After a Data Security Policy group is assigned to an upload request, the control settings for the
policy group are evaluated to determine whether to block the request or evaluate it against the
Access Policies. For more information about assigning a Data Security Policy group to an
upload request, see “Policy Group Membership” on page 133.

Figure 12-3 on page 246 shows how the appliance determines which action to take on an
upload request after it has assigned a particular Data Security Policy to the request.