Cisco Cisco Web Security Appliance S170 사용자 가이드

Hybrid Web Security mode provides unified cloud and on-premise policy enforcement and threat 
defense, using policies defined in Cisco ScanCenter—the administrative portal to Cloud Web 
Security—which are automatically downloaded to the Web Security appliance.

Hybrid Web Security provides a subset of the features provided in Standard mode, and use of these is 
the same as in Standard mode, except as noted in this documentation. See 

 for additional information.

This chapter links to locations within this documentation that provide information about some of the major 
features of the Web Security Appliance that are common to both Standard mode and Hybrid Web Security 
mode. This chapter includes information about configuring the Hybrid Web Security that is not 
applicable in Standard mode. 

This document does not include information about Cisco Cloud Web Security and ScanCenter. That 
documentation is available at 

Please note these points regarding download, conversion and application of CWS policies/filters/rules to 
WSA policies:

Translation of both default and user-defined CWS policies to WSA policies is not a one-to-one 
conversion; however, the action that results from application of a particular policy in both 
environments is the same. In other words, the Block or Allow decision is always consistent, 
regardless of the sequence of rules “fired” in both cases. This allows rule evaluation in the proxy to 
be optimized for better performance without compromising consistent behavior.