Cisco Cisco Web Security Appliance S170 사용자 가이드
4-8
AsyncOS 8.7 for Cisco Web Security Appliances User Guide
Chapter 4 Intercepting Web Requests
Web Proxy Options for Intercepting Web Requests
[2]>
Step 3
Enter a number corresponding to the web proxy cache settings you require:
Step 4
If you chose option 4 (Customized mode), enter values (or leave at the default values) for each of the
custom settings.
custom settings.
Step 5
Press Enter until you return to the main command interface.
Step 6
Commit your changes.
Related Topics
•
.
Web Proxy IP Spoofing
When the web proxy forwards a request, it changes the request source IP address to match its own
address by default. This increases security, but you can change this behavior by implementing IP
spoofing, so that requests retain their source address and appear to originate from the source client rather
than from the Web Security appliance.
address by default. This increases security, but you can change this behavior by implementing IP
spoofing, so that requests retain their source address and appear to originate from the source client rather
than from the Web Security appliance.
IP spoofing works for transparent and explicitly forwarded traffic. When the Web Proxy is deployed in
transparent mode, you have the choice to enable IP spoofing for transparently redirected connections
only or for all connections (transparently redirected and explicitly forwarded). If explicitly forwarded
connections use IP spoofing, you should ensure that you have appropriate network devices to route return
packets back to the Web Security appliance.
transparent mode, you have the choice to enable IP spoofing for transparently redirected connections
only or for all connections (transparently redirected and explicitly forwarded). If explicitly forwarded
connections use IP spoofing, you should ensure that you have appropriate network devices to route return
packets back to the Web Security appliance.
When IP spoofing is enabled and the appliance is connected to a WCCP router, you must configure two
WCCP services: one based on source ports and one based on destination ports.
WCCP services: one based on source ports and one based on destination ports.
Related Topics
•
.
•
.
Entry
Mode
Description
1
Safe
The least caching and the most adherence to RFC #2616
compared to the other modes.
compared to the other modes.
2
Optimized Moderate
caching and moderate adherence to RFC #2616.
Compared to safe mode, in optimized mode the Web Proxy
caches objects when no caching time is specified when a
Last-Modified header is present. The Web Proxy caches
negative responses.
caches objects when no caching time is specified when a
Last-Modified header is present. The Web Proxy caches
negative responses.
3
Aggressive
The most caching and the least adherence to RFC #2616.
Compared to optimized mode, aggressive mode caches au-
thenticated content, ETag mismatches, and content without
a Last-Modified header. The Web Proxy ignores the
no-cache parameter.
Compared to optimized mode, aggressive mode caches au-
thenticated content, ETag mismatches, and content without
a Last-Modified header. The Web Proxy ignores the
no-cache parameter.
4
Customized mode
Configure each parameter individually.