Securing The Web With Cisco Web Seucrity Appliance

Cisco Ironport Web Security Appliance

Introduction

The Cisco Web Security Appliance (WSA) is the first secure web gateway to combine advanced malware protection, application visibility and control (AVC), acceptable use policy controls, reporting, and secure mobility on a single platform.

This helps organizations to address the growing challenges of securing and controlling web traffic.

How Cisco WSA does this..???

The Cisco WSA does this by enabling –

·        Simpler & faster deployment

·        Less maintenance requirements,

·        Reduced latency, and lower operating costs.

Cisco WSA “Set and forget” technology frees up networking staff once the initial automated policy settings go live, and automatic security updates are pushed to network devices every 3 to 5 minutes.

Cisco WSA provides flexible deployment options and integration with the existing security infrastructure and help customers meet demanding business needs.

What is the other option apart from getting the Cisco WSA Hardware appliance shipped??

There is no need to buy and ship appliances. One can go for Cisco Web Security Virtual Appliance (vWSA) which significantly lowers the cost of deploying web security, especially in the environment with highly distributed networks, where administrators create security instances where and when they are needed. 

The vWSA or WSAV is a software version of the WSA that runs on top of a VMware ESXi hypervisor / VMware workstation /Cisco UCS servers.

What is cool about Cisco WSA??

SIO- Security Intelligence Operations

Cisco SIO provides a 24x7 view into global traffic activity to analyze anomalies, uncover new threats, monitor and analyze traffic trends.

SIO prevents zero-hour attacks by continually generating new rules that feed updates to the WSA every 3 to 5 minutes, providing industry-leading threat defense.

Cisco Web Usage Control with DCA

Cisco’s continuously updated URL filtering database of over 50 million blocked sites provides exceptional coverage for known websites, and the Dynamic Content Analysis (DCA) engine accurately identifies 90 percent of unknown URLs in real time; it scans text, scores the text for relevancy, calculates model document proximity and returns the closest category match.

Real Time Malware Defense

Defend against malware and other threats using multiple layers of anti-malware technologies.

 

Cisco Web Reputation Filters analyze more than 200 different web traffic. Administrators can run multiple anti-malware scanning engines in parallel on a single appliance.

   The Adaptive scanning dynamically selects the most relevant scanner based on URL reputation, content type, and efficiency of the scanner and improves the catch rate by scanning high-risk objects first during increased scan loads.

  The Layer 4 Traffic Monitor effectively stops malware that attempts to bypass classic web security solutions. It dynamically adds IP addresses of known malware domains to its list of malicious entities to block.

Application Visibility and Control (AVC)

Easily control the use of hundreds of Web 2.0 applications and 150,000+ micro-applications. Granular policy control allows administrators to permit the use of applications such as Dropbox or Facebook while blocking users from activities such as uploading documents or clicking the “Like” button.