20-7
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 20 Working with ScanSafe Web Security
ScanSafe Web Security Settings Page
• Add and Edit Default User Groups Dialog Box, page 20-6
• AAA Rules Page, page 15-10
Navigation Path
(Policy view) Select Firewall and open Settings from the Policy Type selector. Then click ScanSafe Web
Security to open the ScanSafe Web Security Settings Page.
(Device view) Select Firewall and open Settings from the Policy Type selector. Then click ScanSafe Web
Security to open the ScanSafe Web Security Settings Page.
Field Reference
Table 20-1 ScanSafe Web Security Settings
Element Description Usage
IP Address|Name
(Primary ScanSafe Server)
The primary FQDN or IP address of the server configured
to operate ScanSafe Web Security.
Both
HTTP Port
(Primary ScanSafe Server)
Default primary port for proxied HTTP traffic
(default=8080).
Both
HTTPS Port
(Primary ScanSafe Server)
Default primary port for proxied HTTPS traffic
(default=8080).
Both
IP Address/Name
(Backup ScanSafe Server)
The secondary FQDN or IP address of the server
configured to operate ScanSafe Web Security.
Both
HTTP Port
(Backup ScanSafe Server)
Default secondary port for proxied HTTP traffic
(default=8080).
Both
HTTPS Port
(Secondary ScanSafe Server)
Default secondary port for proxied HTTPS traffic
(default=8080).
Both
Server Timeout Polling timeout when checking the availability of the
ScanSafe Web Security server.
IOS Only
Session Idle Timeout Inactivity timeout of the ScanSafe Web Security server
(default=300 seconds). Used to remove the session if it is
found inactive.
IOS Only
On Failure Determines the action to be taken (Drop all Traffic or
Allow All Traffic) when both primary and secondary
ScanSafe Web Security servers are found inactive.
IOS Only
IP Address (Source Address) IP address from which a packet to the ScanSafe Web
Security server originates from the router.
IOS Only
Interface (Source Address) Interface address from which a packet to the ScanSafe
Web Security server originates from the router.
IOS Only
License The license sent to the ScanSafe Web Security server (32
hexadecimal characters).
Both
Encrypted When selected, enables the encryption. ASA does not
accept encrypted license text to be configured.
IOS Only
Enable Logging Checkbox Enables IOS syslogs (default=not enabled). IOS Only
Public Key File Name of the public key file ASA Only
Connection Retry Count Number of times that the system should retry connecting. ASA Only