Cisco Cisco Web Security Appliance S170 Guia Do Utilizador
C R E A T I N G D A T A S E C U R I T Y A N D E X T E R N A L D L P P O L I C I E S
C H A P T E R 1 1 : D A T A S E C U R I T Y A N D E X T E R N A L D L P P O L I C I E S
223
Proxy Ports
Choose whether or not to define policy group membership by the proxy
port used to access the Web Proxy. Enter one or more port numbers in
the Proxy Ports field. Separate multiple ports with commas.
For explicit forward connections, this is the port configured in the
browser. For transparent connections, this is the same as the destination
port. You might want to define policy group membership on the proxy
port if you have one set of clients configured to explicitly forward
requests on one port, and another set of clients configured to explicitly
forward requests on a different port.
IronPort recommends only defining policy group membership by the
proxy port when the appliance is deployed in explicit forward mode, or
when clients explicitly forward requests to the appliance. When you
define policy group membership by the proxy port when client requests
get transparently redirected to the appliance, some requests might be
denied.
Note: If the Identity associated with this policy group defines Identity
membership by this advanced setting, the setting is not configurable at
the non-Identity policy group level.
port used to access the Web Proxy. Enter one or more port numbers in
the Proxy Ports field. Separate multiple ports with commas.
For explicit forward connections, this is the port configured in the
browser. For transparent connections, this is the same as the destination
port. You might want to define policy group membership on the proxy
port if you have one set of clients configured to explicitly forward
requests on one port, and another set of clients configured to explicitly
forward requests on a different port.
IronPort recommends only defining policy group membership by the
proxy port when the appliance is deployed in explicit forward mode, or
when clients explicitly forward requests to the appliance. When you
define policy group membership by the proxy port when client requests
get transparently redirected to the appliance, some requests might be
denied.
Note: If the Identity associated with this policy group defines Identity
membership by this advanced setting, the setting is not configurable at
the non-Identity policy group level.
Subnets
Choose whether or not to define policy group membership by subnet or
other addresses.
You can choose to use the addresses that may be defined with the
associated Identity, or you can enter specific addresses here.
Note: If the Identity associated with this policy group defines its
membership by addresses, then in this policy group you must enter
addresses that are a subset of the addresses defined in the Identity.
Adding addresses in the policy group further narrows down the list of
transactions that match this policy group.
other addresses.
You can choose to use the addresses that may be defined with the
associated Identity, or you can enter specific addresses here.
Note: If the Identity associated with this policy group defines its
membership by addresses, then in this policy group you must enter
addresses that are a subset of the addresses defined in the Identity.
Adding addresses in the policy group further narrows down the list of
transactions that match this policy group.
URL Categories
Choose whether or not to define policy group membership by URL
categories. Select the user defined or predefined URL categories.
Note: If the Identity associated with this policy group defines Identity
membership by this advanced setting, the setting is not configurable at
the non-Identity policy group level.
categories. Select the user defined or predefined URL categories.
Note: If the Identity associated with this policy group defines Identity
membership by this advanced setting, the setting is not configurable at
the non-Identity policy group level.
Table 11-1 Data Security and External DLP Policy Group Advanced Options (Continued)
Advanced Option
Description