
SWSA - Securing the Web with Cisco Web Security Appliance 2.1 (SWSA)

Course Overview

Duration: 2 days
 

In this comprehensive two-day course of hands-on labs, demos, and presentations, you will learn to install, configure, operate, and maintain the S-Series web security appliances. You will focus on HTTP and HTTPS proxy services, L4 traffic monitoring, authentication and web access control, URL filtering, anti-malware filtering, troubleshooting S-Series configuration issues, and S-Series deployment. You will also see how the WSA is used in a Security-as-a-Service (SaaS) scenario and how Cisco WSA can inspect HTTPS traffic. Hands-on labs provide you with a safe environment to experiment with malware and attempt configurations that might not be appropriate for a production network. The products covered were formerly the IronPort email and web security gateway and management products, currently referred to as Cisco Email Security and Cisco Web Security.

Who Should Attend

The audience may include the following:

  • Security architects and system designers
  • Network administrators and operations engineers
  • Network or security managers who are responsible for web security

 

Course Certifications

This course is part of the following Certifications:

Prerequisites

  • This topic lists the skills and knowledge that students must possess to benefit fully from the course. It includes recommended Cisco learning offerings that the student may complete to benefit fully from this course.

  • The knowledge and skills that a student must have before attending this course are as follows:

    • Knowledge of TCP/IP services, including DNS, SSH, FTP, SNMP, HTTP, and HTTPS, is assumed.

    • Experience with IP routing is assumed.

Course Objectives

The objective of this course is to provide students with information and practical activities that will prepare them to evaluate, install, configure, and administer a Cisco WSA in small- to medium-sized businesses and enterprise installations.

  • Describe the Cisco WSA

  • Install and verify the WSA

  • Deploy proxy services for the WSA

  • Utilize authentication with the WSA

  • Configure various policies for the WSA

  • Enforce acceptable use using the WSA

  • Defend against malware

  • Configure data security

  • Describe Cisco Cloud Web Security

  • Use Cisco AnyConnect Secure Mobility Client

  • Perform administration and troubleshooting of WSAs

 

Course Content

Module 1: Reviewing the System

Objective: Upon completion of this module, a student will be able to articulate the Web Security Appliance product.

 

Lesson 1: Customer Use Cases

Objective: Review customer use cases

This lesson includes these topics:

• Enforcing Acceptable Use

• Acceptable Usage Policies

• Malware Detection and Protection

• Mobile Users Bypassing Corporate Controls

• AnyConnect Secure Mobility Client

 

Lesson 2: Cisco Web Security Appliance Models and Architecture

Objective: Describe Cisco Web Security Appliance models and architecture

This lesson includes these topics:

• Cisco Web Security Appliance Models

• Architecture Overview

• AsyncOS Overview

• Proxy Service Overview

• Integrated L4TM

• Cisco Cloud Web Security Provides SaaS Delivery of Security

• Management Tools

• Splunk Application for Cisco Web Security Appliance

Hardware Challenge Lab 1: Access the Cisco Remote Lab

This activity includes these tasks:

• Connect to the Remote Lab

 

Module 2: Installing and Verifying the Cisco Web Security Appliance

Objective: Install and verify the installation of the Web Security Appliance and M-Series, and configure and verify L4 traffic monitoring.

 

Lesson 1: Review the Cisco Security Management Appliance

Objective: Review the Cisco Security Management Appliance

This lesson includes these topics:

• The Cisco Security Management Appliance

• Features and Benefits of the Cisco Security Management Appliance

• Centralized Reporting and Configuration Management

• Model Specifications

• Cisco Security Management Appliance Deployment

 

Lesson 2: Install and Verify Cisco Web Security Appliance Hardware

Objective: Describe how to install and verify Cisco Web Security Appliance hardware

This lesson includes these topics:

• Installing and Cabling Cisco Web Security Appliance Hardware

• Sample Interface Deployments

• Connecting to the Cisco Web Security Appliance for the First Time

 

Lesson 3: Install and Verify the Cisco Web Security Virtual Appliance for VMware

Objective: Describe how to install and verify the Virtual Cisco Web Security Appliance for VMware

This lesson includes these topics:

• Preparing for the Cisco Web Security Virtual Appliance Installation on VMware

• Deploying the Cisco Web Security Appliance OVF Template

• Additional VM Settings

• Map Cisco Web Security Appliance VM Ports to Correct Networks

• Connecting to the Cisco Web Security Virtual Appliance for the First Time

 

Lesson 4: Run the System Setup Wizard

Objective: Run the system setup wizard

This lesson includes these topics:

• Accessing the System Setup Wizard

• Running the System Setup Wizard

• Reconnecting to the Cisco Web Security Appliance

 

Lesson 5: Configure L4TM

Objective: Describe how to configure L4TM

This lesson includes these topics:

• Enable L4TM

Hardware Challenge Lab 2: Installing and Verifying the Cisco Web Security Appliance

This activity includes these tasks:

• Connect to the Web Security Appliance

 

Module 3: Configuring Virtual Web Security Appliance Connector to Cisco Cloud Web Security

Objective: Configure and Verify Cisco Cloud Web Security Connector

 

Lesson 1: Review Cisco Cloud Web Security

Objective: Review Cisco Cloud Web Security functionality features

This lesson includes these topics:

• Cisco Cloud Web Security

• Supported and Unsupported Functionality Features

 

Lesson 2: Connect to Cisco Cloud Web Security Using the Cloud Web Security Connector

Objective: Connect to Cisco Cloud Web Security using the Cloud Web Security Connector.

This lesson includes these topics:

• Configuring the Cloud Connector

• Cloud Web Security Connector Option

• Network Interfaces and Wiring

• Routes for Management and Data Traffic

• Configure Transparent Connection Settings

• Directory Group Policies in the Cloud

• Cloud Connector Logs

 

Module 4: Deploying Proxy Services

Objective: Contrast the different proxy modes, configure and manage the proxy services (PAC, WCCP), deploy the S-Series native FTP proxy and SOCKS proxy, and interpret the proxy access log and HTTP headers.

 

Lesson 1: Contrast Proxy Modes

Objective: Contrast proxy modes

This lesson includes these topics:

• Explicit Forward Mode vs. Transparent Mode

• Explicit Forward Mode Configuration

• Transparent Mode Traffic Redirection

• Web Cache Control Protocol

• WCCP Upstream Flow

• WCCP Downstream Flow

• Proxy Bypass

• Defining Cisco WSA WCCP Service Group

• Enabling Cisco WSA Transparent Redirection

• Enabling WCCP Redirection on a Cisco ASA

 

Lesson 2: Review PAC Files

Objective: Review PAC files

This lesson includes these topics:

• PAC File Troubleshooting

• PAC File Deployment Options

• PAC File Examples: Single and Failover

• PAC File Hosting

 

Lesson 3: Configure and Manage Proxy Services

Objective: Configure and manage the proxy services on the Cisco Web Security Appliance

This lesson includes these topics:

• Configuring and Managing Proxy Caching

• Tune Caching Behavior for Safety or Performance

• The Proxy Settings GUI Page

• Customizing Error Notifications with EUN Pages

• EUN Localization Directories

 

Lesson 4: Deploy Native FTP Proxy

Objective: Deploy the Cisco Web Security Appliance native FTP proxy

This lesson includes these topics:

• FTP Proxy Supports Both Active and Passive Mode

• FTP Forward Mode vs. Transparent Mode

• FTP Proxy Configuration

• FTP Client Example: FileZilla

 

Lesson 5: Read Proxy Access Log and HTTP Headers

Objective: Read the proxy access log and HTTP headers.

This lesson includes these topics:

• Cisco Web Security Appliance Access Log: Squid Component

• Squid Access Log Format

• Common Response Codes

• HTTP Headers

• Access Log Examples

• Customizing the Access Log

• MIME Types

Hardware Challenge Lab 3: Deploying Proxy Services

This activity includes these tasks:

• Read the Proxy Access Log and HTTP Headers

• Configure Acknowledgment and End-User Notifications

• Configure PAC Files and PAC File Hosting

• Configure and Test the Native FTP Proxy

 

Module 5: Utilizing Authentication

Objective: Configure NTLM, configure transparent user identification for Active Directory, configure LDAP authentication, troubleshoot the process of joining domains, and test authentication.

 

Lesson 1: Configure NTLM and Proxy Authentication

Objective: Configure NTLM and proxy authentication

This lesson includes these topics:

• Cisco Web Security Appliance Proxy Authentication

• Authentication Protocols and Proxy Modes

• Explicit Forward Mode

• Transparent Mode

• Reporting and Authentication

• Reauthentication

• FTP Proxy Authentication

 

Lesson 2: Identify Authentication Settings and Realms

Objective: Identify authentication settings and realms

This lesson includes these topics:

• Global Authentication Settings

• Creating Realms and Realm Sequences

• Creating an NTLM Realm for Active Directory

• Joining a Cisco WSA to the Active Directory Domain

• Configuring an Identity to Require Transparent User Identification

 

Lesson 3: Describe LDAP Authentication and Authorization

Objective: Describe LDAP authentication and authorization

This lesson includes these topics:

• Creating LDAP Realms for Other Directories

• Defining How Users Are Stored

• Binding to the Directory

• LDAP Group Authorization

 

Lesson 4: Troubleshoot Joining Domains and Test Authentication

Objective: Troubleshoot the process of joining domains and test authentication

This lesson includes these topics:

• Trouble Joining the Domain

• Common Errors When Joining the Domain

• Test Authentication: NTLM or LDAP

• Authentication Always Starts with an Access Log Error

Hardware Challenge Lab 4: Utilizing Authentication

This activity includes these tasks:

• Perform HTTP Authentication

• Perform LDAP Authentication

 

Module 6: Configuring Policies

Objective: Describe the various S-Series policy types, and configure access policies, identities, and authentication exemptions.

 

Lesson 1: Configure Access Policies and Identities

Objective: Configure access policies and identities

This lesson includes these topics:

• Access Policies

• Access Policy Groups

• Policy Trace

• Identities

• Authentication

• Other Policy Types

 

Lesson 2: Configure Authentication Exemptions

Objective: Configure authentication exemptions

This lesson includes these topics:

• Configure Access Policy Membership

• Configure an Identity to Avoid Authentication

 

Lesson 3: Review Access Log Tags

Objective: Review access log tags

This lesson includes these topics:

• Access Log Decision Tags Reflect Policy Controls

• Access Log Examples

• ACL Decision Tags and Policy Groups

Hardware Challenge Lab 5: Configuring Cisco WSA Policies

This activity includes these tasks:

• Configure File Size and Type Restrictions

• Create User Agent Authentication Exemptions

• Exempt Native FTP Proxy from Authentication

 

Module 7: Enforcing Acceptable Use

Objective: Enforce acceptable use policies, enable and configure URL filters, and utilize custom URL categories.

 

Lesson 1: Enable URL Categories and Filters

Objective: Enable URL categories and filters

This lesson includes these topics:

• URL Filtering

• URL Category Solutions

 

Lesson 2: Configure Application Visibility and Control

Objective: Configure application visibility and controls

This lesson includes these topics:

• Web Usage Controls

• Dynamic Content Analysis Engine

• Configuring the URL Filtering Engine

 

Lesson 3: Describe SaaS Access Control

Objective: Describe SaaS access control

This lesson includes these topics:

• Enforcing Time-Based Acceptable Use Policies

• URL Warning Page

 

Lesson 4: Use HTTPS Inspection

Objective: Use HTTPS inspection

This lesson includes these topics:

• HTTPS Inspection and Decryption Policies

• Active HTTPS Proxy

• ACL Tags for HTTPS Inspection

• Access Log Examples

 

Lesson 5: Configure HTTPS Proxy Settings

Objective: Configure HTTPS proxy settings

This lesson includes these topics:

• Relevant Licenses

• Enabling the HTTPS Proxy

• Invalid Certificate Management for HTTPS Proxy

• HTTPS Inspection Pipeline

• HTTPS Inspection Policy

Hardware Challenge Lab 6: Enforcing Acceptable Use

This activity includes these tasks:

• Create a Reasonable Global Acceptable Use Policy

 

Module 8: Enforcing Acceptable Use: Advanced Topics

Objective: Enforce acceptable use policies, enable and configure URL filters, and utilize custom URL categories.

 

Lesson 1: Configure Application Visibility and Control: Advanced Topics

Objective: Configure application visibility and control and media bandwidth limits

This lesson includes these topics:

• Web Application Visibility and Control

• Streaming Media Bandwidth Control

 

Lesson 2: Describe SaaS Access Control: Advanced Topics

Objective: Describe SaaS access controls

This lesson includes these topics:

• SaaS Access Control

• How SaaS Access Control Works

 

Lesson 3: Configure Web Usage Controls and URL Categories

Objective: Configure web usage controls and URL category settings

This lesson includes these topics:

• Relevant Licenses

• Web Usage Control Engines

• Custom URL Categories

• Creating Time Ranges to Use in Policies

• Predefined URL Category Control Settings

• Custom URL Category Control Settings

• Enabling Safe Search and Site Content Ratings

• Configuring Application Visibility Controls

• Configuring Media Bandwidth Limits

• SaaS Access Control Configuration

 

Lesson 4: View Logging and Reporting

Objective: View access log examples and various available usage reports

This lesson includes these topics:

• ACL Tags Associated with URL Filtering

• Access Log Examples

• URL Categories Reports

• Client Web Activity Report

• Client Detail Report

• AVC Report

Hardware Challenge Lab 7: Enforcing Acceptable Use—Advanced Topics

This activity includes these tasks:

• Enforce Safe Search

• Block IP-Based URLs

• Impose Per-User Bandwidth Limits

• Impose AVC Limits

• Create and View Various Reports

• Configure HTTPS Inspection

• Configure HTTPS and Invalid Certificate Handling Inspection

• Configure HTTPS Decryption Policies

 

Module 9: Defending Against Malware

Objective: Defend web reputation scores, configure antimalware scanning using adaptive scanning, configure Cisco Advanced Malware Protection, and utilize HTTPS inspections.

 

Lesson 1: Describe and Configure WBRS

Objective: Describe and configure WBRS

This lesson includes these topics:

• WBRS Actions

• WBRS Parameters

• Cisco DVS Engine

• Webroot vs. McAfee or Sophos

 

Lesson 2: Describe and Configure Antimalware Scanning

Objective: Describe and configure antimalware scanning

This lesson includes these topics:

• Outbound Malware Scanning

• Relevant Licenses

• WBRS Configuration

• Antimalware: Global Configuration

• Antimalware: Per-Policy Configuration

• Destination Settings

 

Lesson 3: Describe and Configure Advanced Malware Protection

Objective: Describe Cisco Advanced Malware Protection, configure the Cisco Advanced Malware Protection file reputation and analysis feature, and access Cisco Advanced Malware Protection reporting

This lesson includes these topics:

• Cisco Advanced Malware Protection

• Cisco Advanced Malware Protection Integration: Decision Flow

• Cisco Advanced Malware Protection File Analysis

• Relevant Cisco Advanced Malware Protection Licensing

• Cisco Advanced Malware Protection Global Configuration

• Cisco Advanced Malware Protection Architecture

• Cisco Advanced Malware Protection Per-Policy Configuration

• Cisco Advanced Malware Protection Reporting

 

Lesson 4: Interpret ACL Tags Relevant to Antimalware

Objective: Define ACL tags and access log entries and access WBRS, antimalware, and client malware risk reports

This lesson includes these topics:

• ACL Tags for WBRS and Cisco DVS

• Access Log Entries

• Access Log Examples

• WBRS Reports

• Antimalware Reports

• Client Malware Risk Reports

Hardware Challenge Lab 8: Defending Against Malware

This activity includes these tasks:

• Use WBRS in Access Policies

• Enabling the Anti-Malware Protection Feature

• Explore Antimalware Engines

• Create and View Antimalware Reports

 

Module 10: Configuring Data Security

Objective: Apply data security policy and test data loss prevention

 

Lesson 1: Configure Data Security

Objective: Configure data security

This lesson includes these topics:

• Data Security

• Multiple Data Security Policies

• Data Security URL Filter Controls

• Data Security Reputation Filters

• Data Security Content Filters

 

Lesson 2: Configure DLP

Objective: Configure DLP

This lesson includes these topics:

• Data Loss Prevention

• Add an ICAP Server

• Create Multiple DLP Policies

• Requests Sent to External DLP

 

Lesson 3: Describe Access and Data Security Logs

Objective: Describe access and data security logs

This lesson includes these topics:

• ACL Tags for Data Security

• Access and Data Security Logs

Hardware Challenge Lab 9: Configuring Data Security

This activity includes these tasks:

• Perform Outbound Malware Scanning

• Create a User-Defined Data Security Policy

 

Module 11: Describing Cisco Cloud Web Security

Objective: Describe the ScanSafe framework, deploy ScanSafe with or without the Web Security Appliance in Cloud Web Security Connector mode, and discuss Cognitive Threat Analytics and Cisco Advanced Malware Protection integration with Cisco Cloud Web Security as an optional license

 

Lesson 1: Describe Cisco Cloud Web Security Features and Benefits

Objective: Describe Cisco Cloud Web Security features and benefits

This lesson includes these topics:

• Cisco Cloud Web Security

• Global Data Center Footprint

• Cloud Proxy

• IPv6 Readiness

 

Lesson 2: Explain Cisco Cloud Attach Model

Objective: Explain the Cisco cloud attach model

This lesson includes these topics:

• Cisco Cloud Attach Model

• Cisco Web Security Appliance Connector

• Cisco Web Security Appliance Connector Features

• Cisco Web Security Appliance Connector Definitions

• Managing the Web with Cisco Cloud Web Security

• URL Filtering

• Application Visibility and Control

• Web Intelligence Reporting

• Flexible Report Output (Grid)

• Flexible Report Output (Pie Chart)

• Time Analysis Trending

• User Audits

• Loss of Productivity

Hardware Challenge Lab 10: Describing Cisco Cloud Web Security

This activity includes these tasks:

• Configure Cisco Cloud Web Security

• Configure Cisco Cloud Web Security Reporting

 

Module 12: Using Cisco AnyConnect Secure Mobility Client

Objective: Integrate the Cisco AnyConnect client with Web Security Appliance and ScanSafe.

 

Lesson 1: Describe Cisco AnyConnect Web Security

Objective: Describe Cisco AnyConnect web security

This lesson includes these topics:

• Cisco AnyConnect Web Security Main Features

• Cisco AnyConnect Web Security

• VPN Client

 

Lesson 2: Integrate the Cisco AnyConnect Secure Mobility Client

Objective: Integrate the Cisco AnyConnect Secure Mobility Client with Cisco Web Security Appliance and Cisco Cloud Web Security

This lesson includes these topics:

• Configuration and Deployment of Cisco AnyConnect Web Security

• Creating the Profile—Proxies

• Creating the Profile—Exceptions

• Creating the Profile—Preferences

• Creating the Profile—Authentication

• Creating the Profile—Advanced

• Dynamic Updates to Cisco AnyConnect Configuration

• Cisco AnyConnect GUI

• Cisco AnyConnect Web Security Messages

• Cisco AnyConnect Web Security Debugging

 

 

Module 13: Performing Administration and Troubleshooting

Objective: Create and customize reports on the Cisco WSA, administer the Cisco WSA, and create and make use of administrative accounts

 

Lesson 1: Describe Report Administration

Objective: Schedule, deliver, archive, and export reports

This lesson includes these topics:

• Reports for Email Delivery

• On-Demand Reports

• Report Archiving and Exporting

 

Lesson 2: Monitor the Cisco Web Security Appliance

Objective: Monitor the Cisco WSA using alerts, SNMP, and reports

This lesson includes these topics:

• Comprehensive System Monitoring Tools

• System Capacity Report

• Log Subscriptions

• Alert Center

 

Course ID: SWSA

2 Days Course
USD 2000.00
 
Singapore (USD)
2 Days Course
USD 1,300.00
or 13 CLC
India (USD)

Schedule

Date | Country | Location
12 Jun 2017 - 13 Jun 2017 | Singapore (USD) | Singapore
08 May 2017 - 09 May 2017 | India (USD) | Bangalore/Chennai
12 Jun 2017 - 13 Jun 2017 | India (USD) | Bangalore/Chennai