Cisco Cisco Web Security Appliance S170 사용자 가이드

Do not require authentication for the Identity policy group.

Place the Identity policy group above all other Identity policy groups that require authentication.

Submit and commit your changes.

The Web Security appliance web interface includes a tool that traces a particular client request and 
details how the Web Proxy processes the request. The Web Proxy evaluates the request against all 
committed Access, Decryption, Cisco IronPort Data Security, Outbound Malware Scanning, and 
Routing Policies and calculates other attributes, such as the web reputation score.

The policy trace tool allows administrators to troubleshoot when end users ask questions about Web 
Proxy behavior. It simulates client requests as if they were made by the end users and describes Web 
Proxy behavior. It can be a powerful troubleshooting or debugging tool, especially if you have combined 
many of the advanced features available on the Web Security appliance.

When you use the policy trace tool, the Web Proxy does not record the requests in the access log or 
reporting database.

By default, the Web Proxy simulates an HTTP GET request. However, when you specify a file to upload 
in the Request Details section, the Web Proxy simulates an HTTP POST request.

The policy trace tool explicitly makes requests even if the Web Security appliance is deployed in 
transparent mode.

You can trace policies on the System Administration > Policy Trace page.

To trace policies: 

Navigate to the System Administration > Policy Trace page.

In the URL field, enter the URL in the client request to simulate.