Cisco Cisco Web Security Appliance S170 사용자 가이드

Organizations are increasingly choosing to use software as a service (SaaS) applications instead of 
owning and managing software applications within the organization. SaaS applications typically reside 
“in the cloud” instead of on-premise inside your network. There are many potential benefits to using 
SaaS applications, such as cost savings, but there are also challenges, especially for IT administrators 
who have to manage access control to the SaaS applications. 

Cisco offers the SaaS Access Control feature which provides IT administrators with seamless, secure 
controls necessary for managing access to SaaS applications and enforcing security policies. SaaS 
Access Control allows IT administrators to easily control authentication and authorization for users who 
need to access SaaS applications.

When you enable Cisco SaaS Access Control, users log into the configured SaaS applications using their 
network authentication user credentials. That means they use the same user name and password for all 
SaaS applications as well as network access. You can choose whether users are transparently signed in 
(single sign-on functionality) or prompted to enter their authentication user name and password.

Using Cisco SaaS Access Control with the proper access controls of your SaaS application allows you to:

Control which users can access SaaS applications and from where.

Increase usability for end users by requiring them to remember only one password.

Quickly disable access to all SaaS applications when users are no longer employed by the 
organization. This is sometimes referred to as “zero day revocation.”

Reduce the risk of phishing attacks that ask users to enter their SaaS user credentials.

The SaaS Access Control solution uses the Security Assertion Markup Language (SAML) to authorize 
access to SaaS applications. It works with SaaS applications that are strictly compliant with SAML 
version 2.0.