Securing the Web with Cisco Web Security Appliance

Schedule

Start End Duration Location Details

Course Details

Securing the Web with Cisco Web Security Appliance (SWSA) v3.0

Course code: SWSA v3

Duration: 2 Days


Course Description:

The Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 course shows you how to implement, use, and maintain Cisco® Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you’ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution’s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.

 

Course Objectives:

After taking this course, you should be able to:

•    Describe Cisco WSA
•    Deploy proxy services
•    Utilize authentication
•    Describe decryption policies to control HTTPS traffic
•    Understand differentiated traffic access policies and identification profiles
•    Enforce acceptable use control settings
•    Defend against malware
•    Describe data security and data loss prevention
•    Perform administration and troubleshooting

 

Intended Audience:

•    Security architects
•    System designers
•    Network administrators
•    Operations engineers
•    Network managers, network or security technicians, and security engineers and managers responsible for web security
•    Cisco integrators and partners    

 

Course Outlines:

•    Describing Cisco WSA
o    Technology Use Case
o    Cisco WSA Solution
o    Cisco WSA Features
o    Cisco WSA Architecture
o    Proxy Service
o    Integrated Layer 4 Traffic Monitor
o    Data Loss Prevention
o    Cisco Cognitive Intelligence
o    Management Tools
o    Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration
o    Cisco Content Security Management Appliance (SMA)

•    Deploying Proxy Services
o    Explicit Forward Mode vs. Transparent Mode
o    Transparent Mode Traffic Redirection
o    Web Cache Control Protocol
o    Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow
o    Proxy Bypass
o    Proxy Caching
o    Proxy Auto-Config (PAC) Files
o    FTP Proxy
o    Socket Secure (SOCKS) Proxy
o    Proxy Access Log and HTTP Headers
o    Customizing Error Notifications with End User Notification (EUN) Pages

•    Utilizing Authentication
o    Authentication Protocols
o    Authentication Realms
o    Tracking User Credentials
o    Explicit (Forward) and Transparent Proxy Mode
o    Bypassing Authentication with Problematic Agents
o    Reporting and Authentication
o    Re-Authentication
o    FTP Proxy Authentication
o    Troubleshooting Joining Domains and Test Authentication
o    Integration with Cisco Identity Services Engine (ISE)

•    Creating Decryption Policies to Control HTTPS Traffic
o    Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview
o    Certificate Overview
o    Overview of HTTPS Decryption Policies
o    Activating HTTPS Proxy Function
o    Access Control List (ACL) Tags for HTTPS Inspection
o    Access Log Examples

•    Understanding Differentiated Traffic Access Policies and Identification Profiles
o    Overview of Access Policies
o    Access Policy Groups
o    Overview of Identification Profiles
o    Identification Profiles and Authentication
o    Access Policy and Identification Profiles Processing Order
o    Other Policy Types
o    Access Log Examples
o    ACL Decision Tags and Policy Groups
o    Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications

•    Defending Against Malware
o    Web Reputation Filters
o    Anti-Malware Scanning
o    Scanning Outbound Traffic
o    Anti-Malware and Reputation in Policies
o    File Reputation Filtering and File Analysis
o    Cisco Advanced Malware Protection
o    File Reputation and Analysis Features
o    Integration with Cisco Cognitive Intelligence

•    Enforcing Acceptable Use Control Settings
o    Controlling Web Usage
o    URL Filtering
o    URL Category Solutions
o    Dynamic Content Analysis Engine
o    Web Application Visibility and Control
o    Enforcing Media Bandwidth Limits
o    Software as a Service (SaaS) Access Control
o    Filtering Adult Content

•    Data Security and Data Loss Prevention
o    Data Security
o    Cisco Data Security Solution
o    Data Security Policy Definitions
o    Data Security Logs

•    Performing Administration and Troubleshooting
o    Monitor the Cisco Web Security Appliance
o    Cisco WSA Reports
o    Monitoring System Activity Through Logs
o    System Administration Tasks
o    Troubleshooting
o    Command Line Interface

•    References
o    Comparing Cisco WSA Models
o    Comparing Cisco SMA Models
o    Overview of Connect, Install, and Configure
o    Deploying the Cisco Web Security Appliance Open Virtualization Format (OVF) Template
o    Mapping Cisco Web Security Appliance Virtual Machine (VM) Ports to Correct Networks
o    Connecting to the Cisco Web Security Virtual Appliance
o    Enabling Layer 4 Traffic Monitor (L4TM)
o    Accessing and Running the System Setup Wizard
o    Reconnecting to the Cisco Web Security Appliance
o    High Availability Overview
o    Hardware Redundancy
o    Introducing Common Address Redundancy Protocol (CARP)
o    Configuring Failover Groups for High Availability
o    Feature Comparison Across Traffic Redirection Options
o    Architecture Scenarios When Deploying Cisco AnyConnect® Secure Mobility