Cisco Cisco Web Security Appliance S170 사용자 가이드

Therefore, for explicit HTTPS transactions, it is possible to match a routing policy based on URL or port 
number. 

After the Web Security appliance assigns an HTTPS connection request to a Decryption Policy group, 
the connection request inherits the control settings of that policy group. The control settings of the 
Decryption Policy group determine whether the appliance decrypts, drops, or passes through the 
connection. For more information about the actions the appliance can take on an HTTPS request, see 

.

Configure control settings for Decryption Policy groups on the Web Security Manager > Decryption 
Policies page.

 shows where you can configure control settings for the Decryption Policy groups.

You can configure the following settings to determine what action to take on the HTTPS connection:

URL categories. You can configure the action to take on HTTPS requests for each predefined and 
custom URL category. Click the link under the URL Categories column for the policy group you 
want to configure. For more information about working with URL filters, see 

. For more information about configuring URL categories, see 

If you want to block (with end-user notification) a particular URL category for HTTPS requests 
instead of drop (with no end-user notification), choose to decrypt that URL category in the 
Decryption Policy group and then choose to block the same URL category in the Access Policy 
group.

Web reputation. You can configure the action to take on HTTPS requests based on the web 
reputation score of the requested server. Click the link under the Web Reputation column for the 
policy group you want to configure. For more information about working with web reputation 
scores, see 

.

Default action. You can configure the action the appliance should take when none of the other 
settings apply. Click the link under the Default Action column for the policy group you want to 
configure.