Cisco Cisco Web Security Appliance S690 사용자 가이드
17-14
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 17 URL Filters
Filtering Transactions Using URL Categories
The custom URL categories included in the policy appear in the Custom URL Category Filtering
section.
section.
Step 4
In the Custom URL Category Filtering section, choose an action for each custom URL category.
describes each action.
Step 5
In the Predefined URL Category Filtering section, choose one of the following actions for each category:
•
Use Global Settings
•
Monitor
•
Block
See
for details on these actions.
Step 6
In the Uncategorized URLs section, choose the action to take for upload requests to web sites that do not
fall into a predefined or custom URL category. This setting also determines the default action for new
and merged categories resulting from URL category set updates. For details, see
fall into a predefined or custom URL category. This setting also determines the default action for new
and merged categories resulting from URL category set updates. For details, see
.
Step 7
Submit and commit your changes.
Table 17-5
URL Category Filtering for Cisco IronPort Data Security Policies
Action
Description
Use Global
Setting
Setting
Uses the action for this category in the Global Policy Group. This is the default
action for user defined policy groups.
action for user defined policy groups.
Applies to user defined policy groups only.
When a custom URL category is excluded in the global Cisco IronPort Data Security
Policy, then the default action for included custom URL categories in user defined
Cisco IronPort Data Security Policies is Monitor instead of Use Global Settings. You
cannot choose Use Global Settings when a custom URL category is excluded in the
global Cisco IronPort Data Security Policy.
Policy, then the default action for included custom URL categories in user defined
Cisco IronPort Data Security Policies is Monitor instead of Use Global Settings. You
cannot choose Use Global Settings when a custom URL category is excluded in the
global Cisco IronPort Data Security Policy.
Allow
Always allows upload requests for web sites in this category. Applies to custom URL
categories only.
categories only.
Allowed requests bypass all further data security scanning and the request is
evaluated against Access Policies.
evaluated against Access Policies.
Only use this setting for trusted web sites. You might want to use this setting for
internal sites.
internal sites.
Monitor
The Web Proxy neither allows nor blocks the request. Instead, it continues to
evaluate the upload request against other policy group control settings, such as web
reputation filtering.
evaluate the upload request against other policy group control settings, such as web
reputation filtering.
Block
The Web Proxy denies transactions that match this setting.