Белая книга для Cisco Cisco ScanSafe Web Security

Cisco CWS 

– ASA 5500 Deployment Guide 

 

 

15

 

Appendix 

DESTINATION WHITELIST

 

object network OBJECTNAME  
fqdn | host | nat | range | subnet  
object-group network OBJECTGROUPNAME  
network-object object OBJECTNAME  
access-list web line 1 extended deny tcp any object-group OBJECTGROUPNAME eq www  
access-list https line 1 extended deny tcp any object-group OBJECTGROUPNAME eq https 
  
SOURCE WHITELIST 
object network OBJECTNAME 
fqdn | host | nat | range | subnet 
object-group network OBJECTGROUPNAME 
network-object object OBJECTNAME 
access-list web line 1 extended deny tcp object-group OBJECTGROUPNAME any eq www 
access-list https line 1 extended deny tcp object-group OBJECTGROUPNAME any eq https 
  
SOURCE AND DESTINATION WHITELIST 
access-list web line 1 extended deny tcp object-group OBJECTGROUPNAME object-group 
OBJECTGROUPNAME eq www 
access-list https line 1 extended deny tcp object-group OBJECTGROUPNAME object-group 
OBJECTGROUPNAME eq https 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Americas Headquarters 
Cisco Systems, Inc. 
San Jose, CA 

Asia Pacific Headquarters 
Cisco Systems (USA) Pte. Ltd. 
Singapore 

Europe Headquarters 
Cisco Systems International BV Amsterdam 
The Netherlands 

Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco Website at 

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks. 
Go to this URL: 

. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does 

not imply a partnership relationship between Cisco and any other company. (1 1 1OR) 

Printed in USA 

 

C11-727200-00   04/13