manualshive.com logo in svg

Cisco S190, Быстрый старт, Страница: 17 / 20

Поделиться
Скачать
Cisco S190 Скачать руководство пользователя страница 17

17

Additional Configuration

Congratulations. Now that you have completed the installation and basic 
configuration, you can start using your 

Cisco S190 Web Security Appliance. You may wish to consider taking some of 
the following steps to get more out of the appliance:

User Policies

Use the web interface to create policies that define which users can access which 
web resources as necessary. 

  •

Identify Users—Choose 

Web Security Manager > Identification Profiles 

to 

define groups of users that can access the Internet.

  •

Define Access Policies—Choose 

Web Security Manager > Access Policies

 to 

control user access to the Internet by configuring which objects and 
applications to allow or block, which URL categories to monitor or block, 
and web reputation and anti-malware settings.

You can also define several other policy types to enforce your organization’s 
acceptable use policies by controlling access to the Internet. For example, you 
can define policies for decrypting HTTPS transactions and other polices that 
control upload requests.

Traffic Monitor

After running the System Setup Wizard, one 
or both L4 traffic monitor ports (T1 only or 
both T1 and T2) are configured to listen to 
traffic on all TCP ports. The default setting 
for the L4 traffic monitor is monitor only. 
During or after setup, you can configure the 
L4 traffic monitor to both monitor and 
block suspicious traffic. 

Computer 
Address

Remember to change your computer IP 
address back to the original settings that 
you noted in the 

“Temporarily Change Your 

IP Address for Remote Access” section on 
page 9

.

Item

Description

Содержание S190

Страница 1: ...gs Plan the Installation Install the Appliance in a Rack Plug In the Appliance Temporarily Change Your IP Address for Remote Access Connect to the Appliance Power Up the Appliance Log In to the Appliance Run the System Setup Wizard Check for Available Upgrades Configure Network Settings Configuration Summary Additional Configuration ...

Страница 2: ...e You Begin Before you begin the installation make sure that you have the items needed The following items are included with the Cisco S190 Web Security Appliance Rails and adaptor kit Power cable Ethernet cable for connecting the appliance to your network Regulatory Safety and Compliance Information You will need to provide the following items yourself Rack cabinet enclosure if rack mounting the ...

Страница 3: ...uter Explicit Forward Proxy L4 Traffic Monitor Simplex tap Span port Duplex tap Span port Network Context Is there another proxy on the network Yes Other Proxy IP Address Other Proxy Port Network Settings Default System Hostname DNS Servers Use the Internet root DNS servers Use the following DNS servers maximum 3 1 2 3 Network Time Protocol NTP Server Time Zone Region Time Zone Country Time Zone G...

Страница 4: ...t interface If configured separately the Data interface IP address and the management interface IP address cannot share the same subnet Routes Internal Routes for Management Default Gateway Static Route Name Static Route Destination Network Static Route Gateway Internal Routes for Data Default Gateway Static Route Name Static Route Destination Network Static Route Gateway ...

Страница 5: ...rity Password _________________ Note When you connect the appliance to a WCCP router you might need to configure the Web Security appliance to create WCCP services after you run the System Setup Wizard Administrative Settings Administrator Password Email System Alerts To SMTP Relay Host Optional AutoSupport Enable SenderBase Network Participation Enable Limited Standard ...

Страница 6: ... L4 switch Transparent Proxy Web proxy with a WCCP router Explicit Forward Proxy Connection to a network switch L4 Traffic Monitor Ethernet tap simplex or duplex Simplex Mode Port T1 receives all outgoing traffic and port T2 receives all incoming traffic Duplex Mode Port T1 receives all incoming and outgoing traffic Security Services L4 Traffic Monitor Monitor only Block Acceptable Use Controls En...

Страница 7: ...rewall and before NAT Network Address Translation If your installation includes multiple Cisco Web Security Appliances S Series or Cisco Email Security Appliances C Series you may want to also use a Cisco Content Security Management Appliance M Series to manage them as shown in the following network diagram ...

Страница 8: ...ries Content Security Appliances Installation and Maintenance Guide Appliance Placement in a Rack Ambient Temperature To prevent the appliance from overheating do not operate it in an area that exceeds an ambient temperature of 104 F 40 C Air Flow Be sure that there is adequate air flow around the appliance Mechanical Loading Be sure that the appliance is level and stable to avoid any hazardous co...

Страница 9: ...he serial console proceed to section 8 below Note Make a note of your current IP configuration settings because you will need to revert to these settings after you finish the configuration For Windows Step 1 Connect your laptop to the primary Management Port labeled M1 using the cross over or Ethernet cable included in the system box The Cisco S190 appliance uses the M1 Management port only Step 2...

Страница 10: ...he Apple menu and choose System Preferences Step 2 Click Network Step 3 Select the network configuration with the green icon This is your active connection Then click Advanced Step 4 Click the TCP IP tab and from Ethernet settings choose Manually from the drop down list Step 5 Enter the following changes IP Address 192 168 42 43 Subnet Mask 255 255 255 0 Router 192 168 42 1 Step 6 Click OK ...

Страница 11: ...2 Simplex tap Ports T1 and T2 one cable for all packets destined for the Internet T1 and one cable for all packets coming from the Internet T2 Duplex tap Port T1 one cable for all incoming and outgoing traffic Item Port Description 1 Proxy port 1 Connect proxy port P1 to the network for both incoming and outgoing traffic 2 Proxy port 2 When both proxy ports P1 and P2 are enabled you must connect P...

Страница 12: ...t least 10 minutes for the system to complete the power up sequence and the LEDs to turn green If you turn the power off before the initialization is complete the appliance will NOT reach an operational state and must be returned to Cisco 4 Traffic Monitor port 2 Traffic monitor port for Simplex Ethernet tap One cable for all packets destined for the internet T1 and one cable for all packets comin...

Страница 13: ...e parameter is assigned during system setup Before you can connect to the management interface using a hostname http hostname 8080 you must add the appliance hostname and IP address to your DNS server database Step 3 Click Login Command Line Interface Step 1 Access the command line interface locally or remotely To access the CLI locally set up a terminal to connect to the serial port using 9600 bi...

Страница 14: ...uration or be performing the installation This is because you have changed the IP address but the installation is underway Step 6 If you temporarily changed the IP address of your computer as described above change the IP address settings back to the original values Step 7 Ensure that your laptop and the appliance are connected to the network Step 8 Log in to the appliance again at the hostname or...

Страница 15: ...ss using the following ports SMTP and DNS services must have access to the Internet The web security appliance must be able to listen on the following ports FTP port 21 data port TCP 1024 and higher HTTP port 80 HTTPS port 443 Management access ports 8443 HTTPS and 8080 HTTP SSH port 22 The web security appliance must be able to make an outbound connection on the following ports DNS port 53 FTP po...

Страница 16: ...om the MGMT port http 192 168 42 42 8080 so ensure that you have a connection to the MGMT port Also verify that you open firewall ports 80 and 443 on your management interface Data After running the System Setup Wizard at least one port on the appliance is configured to receive web traffic from the clients on the network M1 only M1 and P1 M1 P1 and P2 P1 only or P1 and P2 Note If you configured th...

Страница 17: ...hich URL categories to monitor or block and web reputation and anti malware settings You can also define several other policy types to enforce your organization s acceptable use policies by controlling access to the Internet For example you can define policies for decrypting HTTPS transactions and other polices that control upload requests Traffic Monitor After running the System Setup Wizard one ...

Страница 18: ... may want to configure for your Cisco S190 appliance For more information about configuring feature keys end user notifications logging and for details about other available web security appliance features see the Cisco S190 Web Security Appliance documentation Where to Go from Here Support Cisco Support http www cisco com c en us support web tsd cisco worldwide contacts ht ml U S Toll Free Number...

Страница 19: ...port security web security appliance produ cts installation guides list html Cisco Web Security Appliance Documentation All hardware and software documentation for your Cisco Web Security Appliance http www cisco com c en us support security web security appliance tsd pr oducts support series home html Safety and Compliance Guide http www cisco com c en us support security web security appliance t...

Страница 20: ...se To sign up visit http www cisco com cisco support notifications html A Cisco com account is required If you do not have one register at https tools cisco com RPF register register do Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and or its affiliates in the U S and other countries To view a list of Cisco trademarks go to this URL www cisco com go trademarks Third par...

Отзывы:

Нет отзывов