Cisco Cisco Content Security Management Appliance M160 사용자 가이드
D-33
Cisco IronPort AsyncOS 7.2.0 for Security Management User Guide
OL-21768-01
Appendix D Examples
Step 1
On the Security Management appliance, choose Web > Configuration Master
6.3 > Access Policies.
6.3 > Access Policies.
Step 2
Click on the link in the URL Categories column to modify the Global access
policy.
policy.
Step 3
Make sure that the Social Networking has been selected and has an assigned
identity as blocked.
identity as blocked.
The Web Security appliance in the NA branch is running AsyncOS 5.7. The NA
access policy must enforce two rules.
access policy must enforce two rules.
•
A local rule forbidding access to weapons and violence sites.
•
A rule forbidding access to social networking sites.
Because the Social Networking category is not included to 5.7, we need to create
the social networking custom URL category to ensure that social networking is
forbidden.
the social networking custom URL category to ensure that social networking is
forbidden.
Step 4
On the Security Management appliance, choose Web > Configuration Master
5.7> Access Policies.
5.7> Access Policies.
Step 5
Click Add Policy.
Step 6
On the Access Policies: Add Policy page do the following:
•
In the Policy Setting section check the Enable Policy checkbox.
•
Type NA policy in the Policy Name text field
•
In the Policy Member Definition section, select NA Identity from the
drop-down list.
drop-down list.
Step 7
Click Submit.
After you click Submit, you are returned to the Access Policies Page.
Step 8
On the Access Policies page, in the NA access policy row, click the global policy
link in the URL Categories column.
link in the URL Categories column.
Step 9
Make sure that the Weapons and Violence URL categories are selected for this
access policy. Additionally, make sure that Social Networking custom URL
category is blocked.
access policy. Additionally, make sure that Social Networking custom URL
category is blocked.