![Cisco ASA 5508-X Configuration Manual Download Page 150](http://html.mh-extra.com/html/cisco/asa-5508-x/asa-5508-x_configuration-manual_63708150.webp)
8-14
Cisco ASA Series Firewall CLI Configuration Guide
Chapter 8 ASA and Cisco Cloud Web Security
Monitoring Cloud Web Security
Configure the Cloud Web Security Policy
After you configure the ASA service policy rules, launch the ScanCenter Portal to configure Web content
scanning, filtering, malware protection services, and reports.
Go to:
https://scancenter.scansafe.com/portal/admin/login.jsp
For more information, see the Cisco ScanSafe Cloud Web Security Configuration Guides:
http://www.cisco.com/en/US/products/ps11720/products_installation_and_configuration_guides_list.h
tml
Monitoring Cloud Web Security
To monitor Cloud Web Security, use the following commands:
•
show scansafe server
Shows the status of the server, whether it is the currently active server, the backup server, or
unreachable.
hostname#
show scansafe server
hostname# Primary: proxy197.scansafe.net (72.37.244.115) (REACHABLE)*
hostname# Backup: proxy137.scansafe.net (80.254.152.99)
•
show scansafe statistics
Shows information about Cloud Web Security activity, such as the number of connections redirected
to the proxy server, the number of current connections being redirected, and the number of white
listed connections:
hostname#
show scansafe statistics
Current HTTP sessions : 0
Current HTTPS sessions : 0
Total HTTP Sessions : 0
Total HTTPS Sessions : 0
Total Fail HTTP sessions : 0
Total Fail HTTPS sessions : 0
Total Bytes In : 0 Bytes
Total Bytes Out : 0 Bytes
HTTP session Connect Latency in ms(min/max/avg) : 0/0/0
HTTPS session Connect Latency in ms(min/max/avg) : 0/0/0
•
show service policy inspect scansafe
Shows the number of connections that are redirected or white listed by a particular policy.
hostname(config)#
show service-policy inspect scansafe
Global policy:
Service-policy: global_policy
Class-map: inspection_default
Interface inside:
Service-policy: scansafe-pmap
Class-map: scansafe-cmap
Inspect: scansafe p-scansafe fail-open, packet 0, drop 0, reset-drop 0,
v6-fail-close 0
Number of whitelisted connections: 0
Number of connections allowed without scansafe inspection because of "fail-open"
config: 0
Number of connections dropped because of "fail-close" config: 0
Number of HTTP connections inspected: 0
Number of HTTPS connections inspected: 0
Summary of Contents for ASA 5508-X
Page 11: ...P A R T 1 Access Control ...
Page 12: ......
Page 157: ...P A R T 2 Network Address Translation ...
Page 158: ......
Page 233: ...P A R T 3 Service Policies and Application Inspection ...
Page 234: ......
Page 379: ...P A R T 4 Connection Management and Threat Detection ...
Page 380: ......