Cisco Cisco Web Security Appliance S170 사용자 가이드
10-7
Cisco IronPort AsyncOS 7.5.7 for Web User Guide
Chapter 10 Access Policies
Controlling HTTP and Native FTP Traffic
Step 8
Submit your changes.
Step 9
Configure Access Policy group control settings to define how the Web Proxy handles transactions.
The new Access Policy group automatically inherits global policy group settings until you configure
options for each control setting. For more information,
options for each control setting. For more information,
.
Step 10
Submit and commit your changes.
Controlling HTTP and Native FTP Traffic
After the Web Proxy assigns an HTTP, native FTP, or decrypted HTTPS request to an Access Policy
group, the request inherits the control settings of that policy group. The control settings of the Access
Policy group determine whether the appliance allows, blocks, or redirects the connection.
group, the request inherits the control settings of that policy group. The control settings of the Access
Policy group determine whether the appliance allows, blocks, or redirects the connection.
Configure control settings for Access Policy groups on the Web Security Manager > Access Policies
page.
page.
shows where you can configure control settings for the Access Policy groups.
Figure 10-2
Creating Secure Access Policies
User Agents
Choose whether or not to define policy group membership by the user agent used
in the client request. You can select some commonly defined browsers, or define
your own using regular expressions. Choose whether this policy group should apply
to the selected user agents or to any user agent that is not in the list of selected user
agents.
in the client request. You can select some commonly defined browsers, or define
your own using regular expressions. Choose whether this policy group should apply
to the selected user agents or to any user agent that is not in the list of selected user
agents.
For more information on creating user agent based policies, see
.
Note: If the Identity associated with this policy group defines Identity membership
by this advanced setting, the setting is not configurable at the non-Identity policy
group level.
by this advanced setting, the setting is not configurable at the non-Identity policy
group level.
User Location
Choose whether or not to define policy group membership by user location, either
remote or local.
remote or local.
This option only appears when the Secure Mobility Solution is enabled. For more
information, see
information, see
.
Table 10-1
Access Policy Group Advanced Options (continued)
Advanced Option
Description