Руководство Пользователя для Cisco Cisco Web Security Appliance S690
7-10
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 7 Policies
Working with Time Based Policies
Define time ranges on the Web Security Manager > Defined Time Ranges page. You can create time
ranges to define concepts such as “business hours” or “weekend shift.” Then you can use the time ranges
in the following locations:
ranges to define concepts such as “business hours” or “weekend shift.” Then you can use the time ranges
in the following locations:
•
Policy group membership for a Routing, Access, or Decryption Policy.
•
URL filtering settings for Access Policies.
When you define a time range, you can specify the day(s) of the week and the time of day. A transaction
matches the time range when it occurs on one of the days specified and during the time specified. You
can also define multiple combinations of day and time in a single time range. For example, you can
define a time range that applies to transactions that occur on Monday through Friday from 08:00 to 17:00
or on Saturday from 09:00 to 13:00.
matches the time range when it occurs on one of the days specified and during the time specified. You
can also define multiple combinations of day and time in a single time range. For example, you can
define a time range that applies to transactions that occur on Monday through Friday from 08:00 to 17:00
or on Saturday from 09:00 to 13:00.
Policies and URL filtering actions can be defined inside or outside the defined time ranges.
Note
Because you can define time based policy group membership only for Routing, Access, and Decryption
Policies, but not Identities, you cannot create time based policies that define when users must
authenticate. Authentication requirements are defined in Identity groups, but time based policies are
defined in other policy group types. (bug #41723)
Policies, but not Identities, you cannot create time based policies that define when users must
authenticate. Authentication requirements are defined in Identity groups, but time based policies are
defined in other policy group types. (bug #41723)
Creating Time Ranges
Step 1
Go to Web Security Manager > Defined Time Ranges.
Step 2
Click Add Time Range.
Step 3
In the Time Range Name field, enter a unique, descriptive name.
Step 4
In the Time Zone section, choose whether to use the time zone setting on the Web Security appliance or
a different time zone setting you configure.
a different time zone setting you configure.
Step 5
In the Time Values section, define at least one row that specifies the days of the week and time of day to
include in this time range.
include in this time range.
a.
In the Day of the Week section, select at least one day.
b.
In the Time of Day section, choose All Day or enter a time range in the day using the From and To
fields.
fields.
Each time range includes the start time and excludes the end time. For example, entering 8:00
through 17:00 matches 8:00:00 through 16:59:59, but not 17:00:00.
through 17:00 matches 8:00:00 through 16:59:59, but not 17:00:00.
Midnight must be specified as 00:00 for a start time, and as 24:00 for an end time.
Note
A transaction must occur on the day and in the time specified to match a row in the Time Values
section. That means the Day of Week and Time of Day values have an “AND” relationship with
each other within a single row.
section. That means the Day of Week and Time of Day values have an “AND” relationship with
each other within a single row.
Step 6
Optionally, you can create additional time value rows by clicking Add Row.
Note
When a time range includes multiple time value rows, a transaction can occur within any of the
defined time values to match the time range. That means that multiple time value rows in a single
time range have an “OR” relationship with each other.
defined time values to match the time range. That means that multiple time value rows in a single
time range have an “OR” relationship with each other.