05-25-2018 08:22 AM - last edited on 03-25-2019 04:55 PM by ciscomoderator
Hello:
I am configuring the policies of access to users in my company and I would like to request your help to better understand what is the relationship between Identification Profile, Decryption Policy and Access Policy in a Cisco WSA 390.
In advance thank you very much for the help.
05-25-2018 05:41 PM
Hi,
Would recommend to review the WSA user guide on this to get more details understanding on how the correlate to each other.
In brief, When traffic comes in to WSA to be processed, the traffic will go to Identity first for WSA to identify from where the traffic from, whether authentication needed for that traffic, etc.
The Identity will work from top to bottom to match its condition (same work with access policy and decryption policy).
When the condition match an Identity, it then identify if the request is HTTP or HTTPS.
If it is HTTP, it will then goes to Access Policy to apply the policy based on the Identity use on the access policy.
If it is HTTPS, it will then goes to Decryption Policy. This is providing if HTTPS proxy is enable from the GUI -> Security Services -> HTTPS Proxy. If HTTPS proxy is not enabled, WSA still can process port 443 traffic however WSA will only CONNECT tunnelling the traffic and this will be processed in Access Policy if port 443 is listed in the Protocols and User Agents -> HTTP CONNECT Ports of that access policy.
I have attached some interactive PDF guide that might help you in setting up those policies.
Hope this helps
Regards
Handy Putra
05-25-2018 05:42 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide