Cisco WSA Authentication
In this and other posts we’ll discuss the Cisco Web Security Appliance. This is the blog agenda:
Part 1: Introduction
Part 2: Installing
Part 3: Deploying Proxy Services
Part 4: Policies
Part 5: Acceptable use & HTTPS Inspection
Part 6: Authentication
Part 7: Defending malware
This is the 6th part of the series.
A proxy is no real proxy without user authentication. That’s what I’m going to discuss in this post. Authentication is needed for logging and user tracking.
Authentication options:
- Basic (local accounts)
- NTLMSSP (for Microsoft Active Directory)
In explicit forwarding mode you can use straightforward proxy authentication. In transparant mode you have to fool the WSA.
In case all authentication services are unavailable, you can choose to permit or block all traffic. You can find this setting in Network > Authentication, click Edit Global Settings.
Read more