Cisco Cisco Web Security Appliance S160 Guia Do Utilizador
7-2
Cisco IronPort AsyncOS 7.5 for Web User Guide
Chapter 7 Working with Policies
Policy Types
•
Block uploads of data infected with malware.
To enforce organizational policies, you define different policies in the Web Security appliance. The
appliance uses different types of policies for different functions. For more information about the types
of policies, see
appliance uses different types of policies for different functions. For more information about the types
of policies, see
When you work with policies, you create policy groups. After you create policy groups, you can define
the control settings for each group. For more information about working with policy groups, see
the control settings for each group. For more information about working with policy groups, see
.
After you have created policies, you can figure out which policy groups apply to a particular client
transaction for troubleshooting purposes. For example, you can find out if user jsmith tries to open a
Firefox browser to the URL http://www.google.com, then which policy groups apply to the transaction.
For more information about tracing policies, see
transaction for troubleshooting purposes. For example, you can find out if user jsmith tries to open a
Firefox browser to the URL http://www.google.com, then which policy groups apply to the transaction.
For more information about tracing policies, see
Note
The Web Security appliance is permissive by default. That is, requests are allowed unless specifically
blocked in a policy group.
blocked in a policy group.
Policy Types
The Web Security appliance uses multiple types of policies to enforce organizational policies and
requirements.
requirements.
•
Identities. “Who are you?”
•
Decryption Policies. “To decrypt or not to decrypt?”
•
Routing Policies. “From where to fetch content?”
•
Access Policies. “To allow or block the transaction?”
•
Cisco IronPort Data Security Policies. “To block the upload of data?” Cisco IronPort Data
Security Policies actions are defined on the Web Security appliance.
Security Policies actions are defined on the Web Security appliance.
•
External DLP (data loss prevention) Policies. “To block the upload of data?” External DLP
Policies actions are defined on an external DLP appliance.
Policies actions are defined on an external DLP appliance.
•
Outbound Malware Scanning Policies. “To block the upload of malicious data?”
•
SaaS Application Authentication Policies. “To allow this user access to the SaaS application?”
You use the policies together to create the behavior you need or expect when clients access the web.
To define policies, you create policy groups. After you create policy groups, you can define the control
settings for each group. For more information about working with policy groups, see
settings for each group. For more information about working with policy groups, see
.
All policy types have a global policy group that maintains default settings and rules that apply to web
transactions not covered by another policy. For more information on global policies, see
transactions not covered by another policy. For more information on global policies, see
.
Identities
An Identity is a policy that identifies the user making a request. This is the only policy where you can
define whether or not authentication is required. An Identity addresses the question, “who are you?”
However, Identities do not specify a list of users who are authorized to access the web. You specify
authorized users in the other policy types after you specify the Identity to use.
define whether or not authentication is required. An Identity addresses the question, “who are you?”
However, Identities do not specify a list of users who are authorized to access the web. You specify
authorized users in the other policy types after you specify the Identity to use.