User Guide

Cisco AnyConnect Secure Mobility Solution Guide
Configuring AnyConnect Secure Mobility
A single access password that you configure on each adaptive security
appliance and Web Security appliance
To use secure mobility, you must use the following Cisco product versions:
- Cisco adaptive security appliance release 8.3.1.6 or higher
- Cisco adaptive security device manager (ASDM) Release 6.3 or later
- Cisco IronPort Web Security appliance version 7.0 or later
Configuring WSA Support for AnyConnect Secure Mobility
When AnyConnect Secure Mobility is enabled on the Web Security appliance,
you can distinguish remote users from local users and create separate policies for
remote and local users. For example, you can create Access Policies that allow
access to arts and entertainment sites when users are outside the office (remote
users), but block access when users are in the office (local users).
AsyncOS for Web version 7.0 or later supports AnyConnect Secure Mobility.
To configure the Web Security appliance to work with AnyConnect Secure
Mobility, perform the following tasks:
1. Enable the AnyConnect Secure Mobility feature on the Web Security
appliance. Enable the feature on the Security Services > Mobile User
Security page. When you enable the AnyConnect Secure Mobility feature,
you choose how to identify remote users, either by associating them with particular
IP addresses or by integrating with a Cisco adaptive security appliance. When
users are identified by IP address, the Web Security appliance does not
communicate with the adaptive security appliance.
Note: If multiple adaptive security appliances are configured in a cluster, you
configure the Web Security appliance to communicate with each adaptive
security appliance in the cluster. If two adaptive security appliances are
configured for high availability, you configure the Web Security
appliance to communicate with the active adaptive security appliance
only.
2. Create one or more Identity policies that apply to remote users. You can
choose whether or not authentication is required for the Identity: