Cisco Cisco Web Security Appliance S360 Guia Do Utilizador
B-12
AsyncOS 9.0 for Cisco Web Security Appliances User Guide
Appendix B Command Line Interface
Web Security Appliance CLI Commands
setntlmsecuritymode
Changes the security setting for the NTLM authentication realm to either
“ads” or “domain”.
“ads” or “domain”.
•
domain
— AsyncOS joins the Active Directory domain with a domain
security trust account. AsyncOS requires Active Directory to use only
nested Active Directory groups in this mode.
nested Active Directory groups in this mode.
•
ads
— AsyncOS joins the domain as a native Active Directory member.
Default is
ads
.
settime
Set system time.
settz
Displays the current time zone and the time zone version. Provides an
operations menu to set a local time zone.
operations menu to set a local time zone.
showconfig
Display all configuration values.
Note
User passphrases are encrypted.
shutdown
Terminates connections and shuts down the system.
smtprelay
Configure SMTP relay hosts for internally generated email. An SMTP relay
host is required to receive system generated email and alerts.
host is required to receive system generated email and alerts.
snmpconfig
Configure the local host to listen for SNMP queries and allow SNMP requests.
sshconfig
Configure hostname and host key options for trusted servers.
sslconfig
Commands for use of communications protocols TLS v1.x and SSL v3 with
Proxy Services, Appliance Management Web User Interface, Update Service,
Secure ICAP Services, and Secure LDAP Services:
Proxy Services, Appliance Management Web User Interface, Update Service,
Secure ICAP Services, and Secure LDAP Services:
VERSIONS
– View and change the protocols enabled for specific services.
COMPRESS
– Enable/disable TLS compression. Disabling is recommended for
best security.
CIPHERS
– Add/update cipher suites available to selected protocols.
FALLBACK
– Enable/disable the SSL/TLS fall-back option. If enabled,
communications with remote servers will fall back to the lowest configured
protocol following a handshake failure.
protocol following a handshake failure.
ECDHE
– Enable/disable use of ECDHE ciphers for LDAP.
status
Displays system status.
supportrequest
Send the support request email to Cisco IronPort Customer Support. This
includes system information and a copy of the master configuration.
includes system information and a copy of the master configuration.
tail
Displays the end of a log file. Command accepts log file name or number
as parameters.
as parameters.
example.com> tail system_logs
example.com> tail 9
tcpservices
Displays information about open TCP/IP services.
techsupport
Provides a temporary connection to allow Cisco IronPort Customer Support
to access the system and assist in troubleshooting.
to access the system and assist in troubleshooting.
telnet
Communicates with another host using the TELNET protocol.