Cisco Cisco Web Security Appliance S170 사용자 가이드

If you want to block a particular URL category for HTTPS requests, 
choose to decrypt that URL category in the Decryption Policy group and 
then choose to block the same URL category in the Access Policy group.

In the Uncategorized URLs section, choose the action to take for client requests 
to web sites that do not fall into a predefined or custom URL category. You can 
choose any action listed in 

Submit and commit your changes.

You can configure URL filtering for user defined Data Security Policy groups and 
the Global Policy Group.

To configure URL filtering in a Data Security Policy group:

Navigate to the Web Security Manager > IronPort Data Security page.

Decrypt

Allows the connection, but inspects the traffic content. The 
appliance decrypts the traffic and applies Access Policies to 
the decrypted traffic as if it were a plaintext HTTP 
connection. By decrypting the connection and applying 
Access Policies, you can scan the traffic for malware. You 
might want to decrypt connections to third party email 
providers, such as gmail or hotmail. 

For more information about how the appliance decrypts 
HTTPS traffic, see 

.

Drop

Drops the connection and does not pass the connection 
request to the server. The appliance does not notify the user 
that it dropped the connection. You might want to drop 
connections to third party proxies that allow users on the 
network bypass the organization’s acceptable use policies.