Cisco

Securing the Web with Cisco Web Security Appliance

CI–SWSA

Type

Virtual

Classroom ILT

Skill Level

Cisco: Professional

Available dates

Learning Path

Security

Virtual

Duration

2 Days

1 Day

TYPE

Virtual

Classroom ILT

LEARNING PATH

Security

SKILL LEVEL

Cisco: Professional

DURATION

2 Days

AVAILABLE DATES

Available on request.

For more information click on button below

Introduction:

The Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 course shows you how to implement, use, and maintain Cisco Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you’ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution’s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.

This class will help you:

Implement Cisco WSA to secure web gateways, provide malware protection, and use policy controls to address the challenges of securing and controlling web traffic
Gain valuable hands-on skills for high-demand responsibilities focused on web security

Audience profile:

Security architects
System designers
Network administrators
Operations engineers
Network managers, network or security technicians, and security engineers and managers responsible for web security
Cisco integrators and partners

Pre-requisites:

To fully benefit from this course, you should have knowledge of these topics:

TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS
IP routing

You are expected to have one or more of the following basic technical competencies or equivalent knowledge:

Cisco certification (CCENT certification or higher)
Relevant industry certification [International Information System Security Certification Consortium ((ISC)2), Computing Technology Industry Association (CompTIA) Security+, International Council of Electronic Commerce Consultants (EC Council), Global Information Assurance Certification (GIAC), ISACA]
Cisco Networking Academy letter of completion (CCNA 1 and CCNA 2)
Windows expertise: Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE)], CompTIA (A+, Network+, Server+)

Cisco learning offerings that contribute to recommended skills and knowledge:

Web security training resources

Course objectives:

After completing this course, students will be able to:

Describe Cisco WSA
Deploy proxy services
Utilize authentication
Describe decryption policies to control HTTPS traffic
Understand differentiated traffic access policies and identification profiles
Enforce acceptable use control settings
Defend against malware
Describe data security and data loss prevention
Perform administration and troubleshooting

Course content

Describing Cisco WSA
Technology Use Case	Data Loss Prevention
Cisco WSA Solution	Cisco Cognitive Intelligence
Cisco WSA Features	Management Tools
Cisco WSA Architecture	Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration
Proxy Service	Cisco Content Security Management Appliance (SMA)
Integrated Layer 4 Traffic Monitor
Deploying Proxy Services
Explicit Forward Mode vs. Transparent Mode	Proxy Auto-Config (PAC) Files
Transparent Mode Traffic Redirection	FTP Proxy
Web Cache Control Protocol	Socket Secure (SOCKS) Proxy
Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow	Proxy Access Log and HTTP Headers
Proxy Bypass	Customizing Error Notifications with End User Notification (EUN) Pages
Proxy Caching
Utilizing Authentication
Authentication Protocols	Reporting and Authentication
Authentication Realms	Re-Authentication
Tracking User Credentials	FTP Proxy Authentication
Explicit (Forward) and Transparent Proxy Mode	Troubleshooting Joining Domains and Test Authentication
Bypassing Authentication with Problematic Agents	Integration with Cisco Identity Services Engine (ISE)
Creating Decryption Policies to Control HTTPS Traffic
Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview	Activating HTTPS Proxy Function
Certificate Overview	Access Control List (ACL) Tags for HTTPS Inspection
Overview of HTTPS Decryption Policies	Access Log Examples
Understanding Differentiated Traffic Access Policies and Identification Profiles
Overview of Access Policies Access Policy Groups	Other Policy Types
Overview of Identification Profiles	Access Log Examples
Identification Profiles and Authentication	ACL Decision Tags and Policy Groups
Access Policy and Identification Profiles Processing Order	Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications
Defending Against Malware
Web Reputation Filters	File Reputation Filtering and File Analysis
Anti-Malware Scanning	Cisco Advanced Malware Protection
Scanning Outbound Traffic	File Reputation and Analysis Features
Anti-Malware and Reputation in Policies	Integration with Cisco Cognitive Intelligence
Enforcing Acceptable Use Control Settings
Controlling Web Usage	Enforcing Media Bandwidth Limits
URL Filtering	Software as a Service (SaaS) Access Control
URL Category Solutions	Filtering Adult Content
Dynamic Content Analysis Engine	Web Application Visibility and Control
Data Security and Data Loss Prevention
Data Security	Data Security Logs
Cisco Data Security Solution	Data Security Policy Definitions
Performing Administration and Troubleshooting
Monitor the Cisco Web Security Appliance	Command Line Interface
Cisco WSA Reports	System Administration Tasks
Monitoring System Activity Through Logs	Troubleshooting
References
Comparing Cisco WSA Models Comparing Cisco SMA Models	Hardware Redundancy
Overview of Connect, Install, and Configure Deploying the Cisco Web Security Appliance Open Virtualization Format (OVF) Template	Introducing Common Address Redundancy Protocol (CARP)
Mapping Cisco Web Security Appliance Virtual Machine (VM) Ports to Correct Networks Connecting to the Cisco Web Security Virtual Appliance	Configuring Failover Groups for High Availability
Enabling Layer 4 Traffic Monitor (L4TM) Accessing and Running the System Setup Wizard	Feature Comparison Across Traffic Redirection Options
Reconnecting to the Cisco Web Security Appliance High Availability Overview	Architecture Scenarios When Deploying Cisco AnyConnect Secure Mobility
Lab outline
Configure the Cisco Web Security Appliance	Configure Referrer Header Exceptions
Deploy Proxy Services	Utilize Third-Party Security Feeds and MS Office 365 External Feed
Configure Proxy Authentication	Validate an Intermediate Certificate
Configure HTTPS Inspection	View Reporting Services and Web Tracking
Create and Enforce a Time/Date-Based Acceptable Use Policy	Perform Centralized Cisco AsyncOS Software Upgrade Using Cisco SMA
Configure Advanced Malware Protection

Cisco Overview

Torque IT is one South Africa’s larger and more experienced providers of Authorized Cisco training. We run more courses more often, than any other training provider in South Africa and we guarantee that you will receive the most up to date and relevant technical course information available when you attend Cisco training courses at Torque IT.

Our standard and customized Cisco training courses are hands-on. When you attend training at Torque IT, you will implement the concepts that you learn using current Cisco equipment or Cisco Learning Labs (CLL), in real-world scenarios, to prepare you for real networking environments and the associated Cisco Certification examinations. Our authorized Cisco training and associated certification solutions empower you to design, sell, implement, troubleshoot and maintain Cisco implementations of any size.

The above serves to illustrate our commitment to providing you with high quality skills development, enablement, training and certification solutions that demonstrate exceptional depth, breadth, and expertise across Routing & Switching, Network Security, Cyber Security, Wireless LAN, Industrial (IoT), Unified Communications, Cloud, Data Center Unified Fabric, Unified Computing Systems, Service Provider, Network Programmability, Software Defined Networking and IP NGN technologies.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Securing the Web with Cisco Web Security Appliance

Type

Skill Level

Available dates

Learning Path

Duration

TYPE

Virtual

Classroom ILT

LEARNING PATH

SKILL LEVEL

DURATION

AVAILABLE DATES

Cisco Overview

contact

Vendor
Authorised

Details

Menu

newsletter

Securing the Web with Cisco Web Security Appliance

Type

Skill Level

Available dates

Learning Path

Duration

TYPE

Virtual

Classroom ILT

LEARNING PATH

SKILL LEVEL

DURATION

AVAILABLE DATES

Cisco Overview

contact

Vendor Authorised

Details

Menu

newsletter

Vendor
Authorised