Cisco Cisco Web Security Appliance S690 사용자 가이드

When the Web Security appliance is deployed in transparent mode and a 
transaction requires authentication, the Web Proxy replies to the client application 
asking for authentication credentials. However, not all client applications support 
authentication, so they have no method for prompting users to provide their user 
names and passwords. These applications cannot be used when the Web Security 
appliance is deployed in transparent mode.

The following is a partial list of applications that do not work when the appliance 
is deployed in transparent mode:

Mozilla Thunderbird

Adobe Acrobat Updates

HttpBridge

Subversion, by CollabNet

Microsoft Windows Update

Microsoft Visual Studio

If users need to access a particular URL using one of these client applications, 
then create an Identity based on a custom URL category that does not require 
authentication and place the Identity above all other Identities that require 
authentication. When you do this, the client application will not be asked for 
authentication.

When the Web Security appliance is connected to an upstream proxy server, you 
can configure the appliance or the upstream proxy to use authentication, but not 
both. Cisco recommends configuring the Web Security appliance to use 
authentication. This allows you to create policies based on user authentication.

If both the appliance and the upstream proxy use authentication, depending on the 
configurations, the appliance and upstream proxy might engage in an infinite loop 
of requesting authentication credentials. For example, if the upstream proxy