Global settings are
applied to all users. From here you can:
Enable separate filtering of HTTP and HTTPS traffic.
Set your Acceptable Usage Policy (AUP) display preferences.
Enable dynamic classification of unclassified websites.
The web use of most
users is based around a few websites they visit frequently and a search engine.
It is often searches that lead to inappropriate or dangerous websites.
SearchAhead alerts users to
potential risks by adding an icon to search results based on the web filtering
policy that you have applied. It also provides advanced warning for websites
that may host malware:
search engines are supported:
categories always appear with a question mark, regardless of your policy:
Peer File Transfer
block inappropriate, explicit, or potentially offensive content from your web
search results. Enforce SafeSearch on supported search engines to ensure that
the SafeSearch filter is enabled regardless of user setting. Currently, search
engines supported in Cisco Cloud Web Security include:
Inspection functionality. This functionality allows Cisco Cloud Web Security to
decrypt HTTPS traffic in order to apply policy, filtering, and scanning. By
default, this functionality is switched off in Cisco ScanCenter. If you want to
use this functionality, enable it in Cisco ScanCenter, create HTTPS Inspection
policies, and generate a company-specific certificate. For more information,
Secure Traffic Inspection.
When localization is enabled, Alert, SafeSearch, and
SearchAhead present text in the user's preferred language as specified
by their browser. If the user's preferred language is not supported, the text
is presented in English.
By default, the same category restrictions are applied to both HTTP
and HTTPS traffic unless separate filtering is enabled.
for All Users check box is enabled, every user is presented with an
Acceptable Usage Policy page when they access the Internet at a set interval,
either daily or weekly. A default page is provided which you can modify,
extend, or override completely with your own text and HTML. This feature
requires CWS Connector. See
Acceptable Use Policy.
This feature only works in conjunction with CWS Connector versions
2.50 and newer and the CWS Mobile Browser.
When the Dynamic Classification Engine is enabled, the system attempts
to identify the content of unclassified websites and apply your policy.
Currently, categories supported include:
Classification occurs as each page is downloaded. Pages will still
appear unclassified in the SearchAhead results.
Apple iOS devices use content-range headers to connect to the Internet
(for further information see
Normally, Cisco Cloud Web Security does not support these headers. However,
Enable Content Range Headers check box allows
the propagation of the HTTP range-related headers which enable users of these
devices to access the Internet via Cisco Cloud Web Security.
There is a potential security risk if this feature is enabled. A
specific attack directed from the client-side may try to download an infected
file from a website in discrete parts. Cisco Cloud Web Security may not be able
to recognize the separate parts as malware and may not block them. The client
could then potentially reconstruct the original file to install malware on the
Cisco is not currently aware of any malware that behaves this way,
and therefore does not believe that enabling this feature creates a material
additional security risk. However, consider this risk before enabling the
feature as Cisco does not accept responsibility for any consequences of
Management menu, click
Settings to display the
SearchAhead for All Users check box to enable SearchAhead. Alternatively,
clear the check box to switch off SearchAhead.
Enforce SafeSearch on Supported Search Engines
check box to enable the feature. Alternatively, clear the check box to switch
the feature off.
Localization check box to enable the localization feature.
Alternatively, clear the check box to switch the feature off.
HTTP/HTTPS Split check box to use the HTTP Web filtering settings
for HTTPS traffic as well. Alternatively, select the check box to use separate
filter settings for HTTP and HTTPS traffic.
AUP for All Users check box to display an acceptable usage policy
page to users when they connect to the Internet. Alternatively, clear the check
box to prevent the page from being displayed.
standard HTML page template for AUP page check box to include the
standard AUP page template. Alternatively, clear the check box to display only
the text or HTML that you supply.
Weekly to set how often the AUP page is displayed.
Enter the AUP
text or HTML in the box. Alternatively, accept the default text.
Dynamic Classification check box to enable unclassified websites to
be classified based on their content. Alternatively, clear the check box to
switch off this functionality.
Content Range Headers check box to enable Apple iOS users to
connect to the Internet via Cisco Cloud Web Security. Alternatively, clear the
check box to disable content range headers.