Cisco Cisco Web Security Appliance S690 사용자 가이드
3-11
AsyncOS 8.5 for Cisco Web Security Appliances User Guide
Chapter 3 Connect the Appliance to a Cisco Cloud Web Security Proxy
Identities and Authentication
Tip
Go to whoami.scansafe.net to view the configured group names, user names, and IP addresses.
Identities and Authentication
The Cloud Web Security Connector supports basic authentication and NTLM. You can also bypass
authentication for certain destinations.
authentication for certain destinations.
In Cloud Connector mode, using an Active Directory realm, you can identify transaction requests as
originating from specific machines. The Machine ID service is not available in standard mode.
originating from specific machines. The Machine ID service is not available in standard mode.
With two exceptions, Authentication works the same throughout the Web Security Appliance, whether
in standard configuration or Cloud Connector configuration. Exceptions:
in standard configuration or Cloud Connector configuration. Exceptions:
•
The Machine ID service is not available in standard mode.
•
AsyncOS does not support Kerberos when the appliance is configured in Cloud Connector mode.
Note
Identities based on User Agent or Destination URL are not supported for HTTPS traffic.
Related topics
•
•
•
•
Identifying Machines for Policy Application
By enabling the Machine ID service, AsyncOS can apply policies based on the machine that made the
transaction request rather than the authenticated user or IP address or some other identifier. AsyncOS
uses NetBIOS to acquire the machine ID.
transaction request rather than the authenticated user or IP address or some other identifier. AsyncOS
uses NetBIOS to acquire the machine ID.
Before You Begin
•
Be aware that the machine identity service is only available through Active Directory realms. If you
do not have an Active Directory realm configured, this service is disabled.
do not have an Active Directory realm configured, this service is disabled.
Step 1
Select Network>Machine ID Service.
Step 2
Click Enable and Edit Settings.
Step 3
Configure Machine Identification settings:
Setting
Description
Enable NetBIOS for Machine Identification
Select to enable the machine identification
service.
service.