Filter
Top Products
20-3
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 20 Working with ScanSafe Web Security
Configuring ScanSafe Web Security
To configure ScanSafe Web Security, perform the following steps:
Step 1 From the Policy Types selector, select Firewall > ScanSafe Web Security.
The ScanSafe Web Security page appears with the Interfaces tab selected.
Step 2 Enable those interfaces by which web requests are to be forwarded to the ScanSafe Web Security server
by selecting them from the list in the Available Interfaces column and moving them to the Selected
Interfaces column.
Step 3 Select the WhiteListing Regular Expressions tab.
Step 4 Select the Notify Tower checkbox to send notifications to the ScanSafe Web Security server regarding
the whitelisting. It is applicable to all whitelisting except that which is IP-based.
(ScanSafe Web Security receives a warning when no regular expression is specified for white listing.)
Step 5 In the HTTP Host area specify the regular expressions to be whitelisted (using regular expression
matching) by selecting them from the list in the Available Regular Expressions column and moving
them to the Selected Regular Expressions column.
Step 6 In the HTTP User Agent area specify the regular expressions to be whitelisted by selecting them from
the list in the Available Regular Expressions column and moving them to the Selected Regular
Expressions column.
Step 7 Select the WhiteListing ACLs tab.
Step 8 Specify the type of ACLs to operate upon by selecting either Extended or Standard from the Type list.
Step 9 Specify the ACLs to whitelist by selecting them from the list in the column on the left and moving them
to the Selected items column.
Step 10 Select the User Groups tab.
Tip You can use the User Groups page to define user groups, specify both the default user and default
user group, and to include or exclude user groups. You can also edit or delete entries in all three
of these lists.
Step 11 Specify a default user by entering the user name in the Default User field (optional).
Step 12 Specify a default user group by entering the user group name in the Default User Group field.
Step 13 Include a user group by selecting the interface and then adding the user group to the Include list.
Step 14 Exclude a user group by selecting the interface and then adding the user group to the Exclude list.
Step 15 Select Policy > Firewall > Settings > ScanSafe Web Security from the policy selector.
Step 16 With the Details tab selected, specify the Primary ScanSafe Server by entering the following values:
• IP Address/Name
• HTTP Port (default 8080)
• HTTPS Port (default 8080)
Step 17 With the Details tab selected, specify the Secondary ScanSafe Server by entering the following values:
• IP Address/Name (only a valid IP address or FQDN).
• HTTP Port (default 8080)
• HTTPS Port (default 8080)
Step 18 Specify the Server Timeout period in seconds (default 300).