Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
201
Views
2
Helpful
3
Replies

cisco data security in WSA

SIB9
Level 1
Level 1

‎04-12-2024 08:30 AM

Hi Folks i have a doubt we have Cisco data security services enabled for upload inspection in our WSA and in that policy we have one URL custom category as passthrough and one identification profile is also configured and upload limit is 500 mb .so the 500 mb upload is for that identification profile matching and for  the selected URL categories?

Labels:
0 Helpful
3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

‎04-13-2024 02:24 AM

as per your scenario for that rule only - which matches that scenario

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

psayafan
Cisco Employee
Cisco Employee

‎04-15-2024 11:16 AM

The 500 MB upload limit applies to the traffic that matches the identification profile. If the identification profile is linked to the custom URL category with passthrough settings, this limit will apply to uploads to the URLs within that category for users identified by the profile.
You can check it with policy trace as well.

0 Helpful

amojarra
Cisco Employee
Cisco Employee

‎04-19-2024 06:58 AM

Hello @SIB9 

Please allow me to mention some items:

[1] WSA's policies are TOP to Down, Left to Right

[2] meaning that ( for example in Decryption policy ) the first item we check is ID profile, and if you have a match, then WSA will move forward to URL categories.

[3] In Cisco Data Security Policies" we dont have passthrough, (that is for Decryption policy), just monitor and Block. if monitor + Maximum File Size it will apply to that traffic.

[4] there is an option which you can set both ID profile and Custom URL category at the same time in Cisco Data Security Policy

Screenshot 2024-04-19 at 3.55.41 PM.png

meaning that, if both conditions are matching, then it will move to Right (URL Filtering > Web Reputation > Content ) 

lets say you put Cisco.com in the URL category and Asing that in the "Cisco Data Security Policy" with ID profile for User1

if User1 tries to upload to Cisco.com will hit this policy , and if tries to upload to another URLs will hit default policy 

 

Regards,

Amirhossein Mojarrad

+++++++++++++++++++++++++++++++++++++++++++++++++++

++++        If you find this answer helpful, please rate it as such      ++++

+++++++++++++++++++++++++++++++++++++++++++++++++++

 

Customers Also Viewed These Support Documents