Back=right
mouse click.
Back=right
mouse click.
HTTP > HTTPS Decryption > Policies > Add
Enable policy—Enable or disable the individual policy.
Note: If you have policies disabled at the global level (through HTTP > HTTPS Decryption > Policies), the enabled status of an individual policy will be ignored.
Policy name—Type a brief but descriptive name for the policy rule. Names must be unique, and will appear in the list of policies that appears when you click HTTP > HTTPS Decryption> Policies.
Identification—Specify to whom the policy applies. If LDAP is enabled in the User Identification page, enter the LDAP User or Group name. Otherwise, type an IP address, a range of IP addresses, IP subset, or specify the host name.
Important:
Before choosing a Hostname, you need to prepare all clients on the
LAN by running the following program on each client:
/usr/iwss/bin/register_user_agent_header.exe
This can be done by adding it to your Windows domain login script (or
by creating one only for this purpose).
Warning: In proxy mode, IWSVA applies HTTPS decryption policies based on the client's browser domain. However in transparency mode, because IWSVA is unable to obtain client domain information, IWSVA applies HTTPS decryption policies based on the CommonName in the server certificate received.