Руководство Пользователя для Cisco Cisco Content Security Management Appliance M160

9-9

AsyncOS 9.0 for Cisco Content Security Management Appliances User Guide

Chapter 9 Managing Web Security Appliances

Initializing and Configuring Configuration Masters

Except for the few items described in

SMA-Specific Differences when Configuring Features in

Configuration Masters, page 9-9

, instructions for configuring features in a Configuration Master are the

same as instructions for configuring the same features on the Web Security appliance. For instructions,
see the online help in your Web Security appliance or the AsyncOS for Cisco Web Security Appliances
User Guide for the AsyncOS version corresponding to the Configuration Master version. If necessary,
consult the following topic to determine the correct Configuration Master for your Web Security
appliance:

Determine the Configuration Master Versions to Use, page 9-3

All versions of Web Security user guides are available from

http://www.cisco.com/c/en/us/support/security/web-security-appliance/products-user-guide-list.html

SMA-Specific Differences when Configuring Features in Configuration Masters

When you configure a feature in a Configuration Master, note the following differences from configuring
the same feature directly on the Web Security appliance.

Table 9-1

Feature Configuration: Differences between Configuration Master and Web Security Appliance

Feature or Page

Details

All features, especially new
features in each release

For each feature that you configure in a Configuration Master, you must enable the
feature in the Security Management appliance under Web > Utilities > Security Services
Display. For more information, see

Ensuring that Features are Enabled Consistently,

page 9-10

Identities

•

See

Tip for Working with Identities in Configuration Masters, page 9-10

•

If you have realms on different Web Security appliances that have the same name
but different protocols, choose the appropriate scheme for each desired realm in the
Configuration Master.

•

The Identify Users Transparently option when adding or editing an Identity is
available when a Web Security appliance with an authentication realm that supports
transparent user identification has been added as a managed appliance.

SaaS Policies

The authentication option “Prompt SaaS users who have been discovered by transparent
user identification” is available only when a Web Security appliance with an
authentication realm that supports transparent user identification has been added as a
managed appliance.

Access Policies > Edit Group

When you configure the Identities and Users option in the Policy Member Definition
section, the following applies if you use external directory servers:

When you search for groups on the Edit Group page, only the first 500 matching results
are displayed. If you do not see the desired group, you can add it to the “Authorized
Groups” list by entering it in the Directory search field and clicking the "Add" button.

Access Policies > Web Reputation
and Anti-Malware Settings

Options available on this page depend on whether Adaptive Scanning is enabled for the
relevant configuration master. Check this setting in Web > Utilities > Security Services
Display.