Securing the Web with Cisco Web Security Appliance

  • Tuition USD $2,195
  • Reviews star_rate star_rate star_rate star_rate star_half 1110 Ratings
  • Course Code SWSA
  • Duration 2 days
  • Available Formats Classroom, Virtual

The Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 course shows you how to implement, use, and maintain Cisco® Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you’ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution’s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.

Skills Gained

After taking this course, you should be able to:

  • Describe Cisco WSA
  • Deploy proxy services
  • Utilize authentication
  • Describe decryption policies to control HTTPS traffic
  • Understand differentiated traffic access policies and identification profiles
  • Enforce acceptable use control settings
  • Defend against malware
  • Describe data security and data loss prevention
  • Perform administration and troubleshooting

Who Can Benefit

  • Security architects
  • System designers
  • Network administrators
  • Operations engineers
  • Network managers, network or security technicians, and security engineers and managers responsible for web security
  • Cisco integrators and partners

Prerequisites

To fully benefit from this course, you should have knowledge of these topics: TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS IP routing You are expected to have one or more of the following basic technical competencies or equivalent knowledge: Cisco certification (CCENT certification or higher) Relevant industry certification [International Information System Security Certification Consortium ((ISC)2), Computing Technology Industry Association (CompTIA) Security+, International Council of Electronic Commerce Consultants (EC-Council), Global Information Assurance Certification (GIAC), ISACA] Cisco Networking Academy letter of completion (CCNA® 1 and CCNA 2) Windows expertise: Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE)], CompTIA (A+, Network+, Server+)

Course Details

Outline

Describing Cisco WSA

  • Technology Use Case
  • Cisco WSA Solution
  • Cisco WSA Features
  • Cisco WSA Architecture
  • Proxy Service
  • Integrated Layer 4 Traffic Monitor
  • Data Loss Prevention
  • Cisco Cognitive Intelligence
  • Management Tools
  • Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration
  • Cisco Content Security Management Appliance (SMA)

Deploying Proxy Services

  • Explicit Forward Mode vs. Transparent Mode
  • Transparent Mode Traffic Redirection
  • Web Cache Control Protocol
  • Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow
  • Proxy Bypass
  • Proxy Caching
  • Proxy Auto-Config (PAC) Files
  • FTP Proxy
  • Socket Secure (SOCKS) Proxy
  • Proxy Access Log and HTTP Headers
  • Customizing Error Notifications with End User Notification (EUN) Pages

Utilizing Authentication

  • Authentication Protocols
  • Authentication Realms
  • Tracking User Credentials
  • Explicit (Forward) and Transparent Proxy Mode
  • Bypassing Authentication with Problematic Agents
  • Reporting and Authentication
  • Re-Authentication
  • FTP Proxy Authentication
  • Troubleshooting Joining Domains and Test Authentication
  • Integration with Cisco Identity Services Engine (ISE)

Creating Decryption Policies to Control HTTPS Traffic

  • Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview
  • Certificate Overview
  • Overview of HTTPS Decryption Policies
  • Activating HTTPS Proxy Function
  • Access Control List (ACL) Tags for HTTPS Inspection
  • Access Log Examples

Understanding Differentiated Traffic Access Policies and Identification Profiles

  • Overview of Access Policies
  • Access Policy Groups
  • Overview of Identification Profiles
  • Identification Profiles and Authentication
  • Access Policy and Identification Profiles Processing Order
  • Other Policy Types
  • Access Log Examples
  • ACL Decision Tags and Policy Groups
  • Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications

Defending Against Malware

  • Web Reputation Filters
  • Anti-Malware Scanning
  • Scanning Outbound Traffic
  • Anti-Malware and Reputation in Policies
  • File Reputation Filtering and File Analysis
  • Cisco Advanced Malware Protection
  • File Reputation and Analysis Features
  • Integration with Cisco Cognitive Intelligence

Enforcing Acceptable Use Control Settings

  • Controlling Web Usage
  • URL Filtering
  • URL Category Solutions
  • Dynamic Content Analysis Engine
  • Web Application Visibility and Control
  • Enforcing Media Bandwidth Limits
  • Software as a Service (SaaS) Access Control
  • Filtering Adult Content

Data Security and Data Loss Prevention

  • Data Security
  • Cisco Data Security Solution
  • Data Security Policy Definitions
  • Data Security Logs

Performing Administration and Troubleshooting

  • Monitor the Cisco Web Security Appliance
  • Cisco WSA Reports
  • Monitoring System Activity Through Logs
  • System Administration Tasks
  • Troubleshooting
  • Command Line Interface

References

  • Comparing Cisco WSA Models
  • Comparing Cisco SMA Models
  • Overview of Connect, Install, and Configure
  • Deploying the Cisco Web Security Appliance Open Virtualization Format (OVF) Template
  • Mapping Cisco Web Security Appliance Virtual Machine (VM) Ports to Correct Networks
  • Connecting to the Cisco Web Security Virtual Appliance
  • Enabling Layer 4 Traffic Monitor (L4TM)
  • Accessing and Running the System Setup Wizard
  • Reconnecting to the Cisco Web Security Appliance
  • High Availability Overview
  • Hardware Redundancy
  • Introducing Common Address Redundancy Protocol (CARP)
  • Configuring Failover Groups for High Availability
  • Feature Comparison Across Traffic Redirection Options
  • Architecture Scenarios When Deploying Cisco AnyConnect® Secure Mobility

Lab Outline

  • Configure the Cisco Web Security Appliance
  • Deploy Proxy Services
  • Configure Proxy Authentication
  • Configure HTTPS Inspection
  • Create and Enforce a Time/Date-Based Acceptable Use Policy
  • Configure Advanced Malware Protection
  • Configure Referrer Header Exceptions
  • Utilize Third-Party Security Feeds and MS Office 365 External Feed
  • Validate an Intermediate Certificate
  • View Reporting Services and Web Tracking
  • Perform Centralized Cisco AsyncOS Software Upgrade Using Cisco SMA

When does class start/end?

Classes begin promptly at 9:00 am, and typically end at 5:00 pm.

Does the course schedule include a Lunchbreak?

Lunch is normally an hour long and begins at noon. Coffee, tea, hot chocolate and juice are available all day in the kitchen. Fruit, muffins and bagels are served each morning. There are numerous restaurants near each of our centers, and some popular ones are indicated on the Area Map in the Student Welcome Handbooks - these can be picked up in the lobby or requested from one of our ExitCertified staff.

How can someone reach me during class?

If someone should need to contact you while you are in class, please have them call the center telephone number and leave a message with the receptionist.

What languages are used to deliver training?

Most courses are conducted in English, unless otherwise specified. Some courses will have the word "FRENCH" marked in red beside the scheduled date(s) indicating the language of instruction.

What does GTR stand for?

GTR stands for Guaranteed to Run; if you see a course with this status, it means this event is confirmed to run. View our GTR page to see our full list of Guaranteed to Run courses.

Does ExitCertified deliver group training?

Yes, we provide training for groups, individuals and private on sites. View our group training page for more information.

Does ExitCertified deliver group training?

Yes, we provide training for groups, individuals, and private on sites. View our group training page for more information.

Informative class with great instructure who was able to walk through the course material, answer all questions, and give great examples.

Kudos to EC, with excellent trainers and a highly satisfying learning experience. The environment was clean and welcoming, and the team was very accommodating.

I was really happy with the overall experience of attending a remote course through ExitCeritfied.

TX3181/3191 Courses. Really good course, highly recommended for TWS/D users.

I am overall very impressed with ExitCertified/Tech Data regarding the Spring Core class outline and iMVP delivery format.

2 options available

undo
  • Jan 18, 2021 Jan 19, 2021 (2 days)
    Location
    Virtual
    Language
    English
    Time
    9:00 AM 5:00 PM CST
    Enroll
    Enroll
  • Mar 22, 2021 Mar 23, 2021 (2 days)
    Location
    Virtual
    Language
    English
    Time
    9:00 AM 5:00 PM CDT
    Enroll
    Enroll
Contact Us 1-800-803-3948
Contact Us Live Chat
FAQ Get immediate answers to our most frequently asked qestions. View FAQs arrow_forward