Cisco Cisco Web Security Appliance S170 사용자 가이드
306
I R O N P O R T A S Y N C O S 6 . 5 F O R W E B U S E R G U I D E
WA R N I N G U S E R S A N D A L L O W I N G T H E M T O C O N T I N U E
In addition to using the Web Security appliance to block traffic to certain websites, you can
also use it to warn users that a site does not meet the organization’s acceptable use policies
and allow them to continue if they choose. You might want to warn users and allow them to
continue if your organization wants to discourage its users from accessing certain sites, but
does not want to or is not allowed by law to block access to those sites.
also use it to warn users that a site does not meet the organization’s acceptable use policies
and allow them to continue if they choose. You might want to warn users and allow them to
continue if your organization wants to discourage its users from accessing certain sites, but
does not want to or is not allowed by law to block access to those sites.
To warn users and allow them to continue, configure the URL categories for an Access Policy
group.
group.
When users access a URL that is configured to warn and continue, they initially see an
IronPort notification page with a warning about accessing sites of this category. The end-user
URL category warning page includes the following elements:
IronPort notification page with a warning about accessing sites of this category. The end-user
URL category warning page includes the following elements:
• Default warning text provided by IronPort
• Custom text provided by the Web Security appliance administrator (optional)
• Notification code listing the invoked Access Policy and the URL category being warned
• A hypertext link to the originally requested URL
Users are tracked in the access log by user name if authentication has made a user name
available, and tracked by IP address if no user name is available.
available, and tracked by IP address if no user name is available.
When you use the warn and continue feature, you can configure the following settings that
affect the end-user URL category warning page:
affect the end-user URL category warning page:
• Time Between Warning. The Time Between Warning determines how often the Web
Proxy displays the end-user URL category warning page for each URL category per user.
Once a user clicks the continue link on the end-user URL category warning page, the
Web Proxy considers that user to have acknowledged the warning for the time you enter
for the Time Between Warning. This setting applies to users tracked by username and
users tracked by IP address. You can specify any value from 30 to 2678400 seconds (one
month). Default is 1 hour (3600 seconds).
Once a user clicks the continue link on the end-user URL category warning page, the
Web Proxy considers that user to have acknowledged the warning for the time you enter
for the Time Between Warning. This setting applies to users tracked by username and
users tracked by IP address. You can specify any value from 30 to 2678400 seconds (one
month). Default is 1 hour (3600 seconds).
• Custom message. The custom message is text you enter that appears on every end-user
URL category warning page. You might want to include text for the organization’s
acceptable use policies, or include a link to a page that details the acceptable use
policies. You can include some simple HTML tags to format the text. For example, you
can change the color and size of the text, or make it italicized. See “Custom Text in
Notification Pages” on page 278 for more information.
acceptable use policies, or include a link to a page that details the acceptable use
policies. You can include some simple HTML tags to format the text. For example, you
can change the color and size of the text, or make it italicized. See “Custom Text in
Notification Pages” on page 278 for more information.
Configure these settings on the Security Services > End-User Notification page. For more
information, see “Configuring the End-User URL Category Warning Page” on page 276.
information, see “Configuring the End-User URL Category Warning Page” on page 276.
Note — The warn and continue feature only works for HTTP and decrypted HTTPS
transactions. It does not work with native FTP transactions.
transactions. It does not work with native FTP transactions.