Filter
Top Products
CHAPTER
20-1
User Guide for Cisco Security Manager 4.4
OL-28826-01
20
Working with ScanSafe Web Security
Security Manager provides integration with ScanSafe Web Security. ScanSafe Web Security is a
cloud-based SaaS (Security as a Service) function that makes available its web security data centers at
various locations worldwide. When ScanSafe Web Security is integrated with a router, selected HTTP
and HTTPS traffic is redirected to ScanSafe Cloud for content scanning and for malware detection by
other means. Also, you can use ScanSafe Web Security to provide differentiated services to particular
users, user groups, and IPs.
Invoking ScanSafe Web Security from Security Manager, you can define policies and settings in the
following areas:
• Content scanning settings
• Content scanning policies
• AAA server settings
• AAA policies
With ScanSafe Web Security integration in Security Manager you can copy and share most policies and
framework-based policy features. The following table details the scope of support for scanning and AAA
policy types.
Supported Type Example
Content Scan Settings Primary server IP, secondary server IP, server timeouts
Content Scan Policies Global whitelist policies
Include/exclude user groups, default user configuration, default user group
configuration
Interfaces that must have content scanning enabled
AAA Server Settings Identity policy object used in http-basic and NTLM policy
Http-basic and NTLM related timeouts
Order of occurrence for proxy, http-basic, and NTLM
LDAP server and LDAP attribute map configuration for IOS
Note Radius and TACAS servers are also supported.
Per interface AAA list
AAA Policies Http-basic and NTLM admission rule support (authentication methods) now
join the previously available Auth-Proxy method