1­-855­-778­-7246
> > > SWSA

Securing the Web with Cisco Web Security Appliance (SWSA)

 

Course Content

The Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 course shows you how to implement, use, and maintain Cisco® Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you’ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution’s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.

Who should attend

  • Security architects
  • System designers
  • Network administrators
  • Operations engineers
  • Network managers, network or security technicians, and security engineers and managers responsible for web security
  • Cisco integrators and partners

Certifications

This course is part of the following Certifications:

Prerequisites

To fully benefit from this course, you should have knowledge of these topics:

  • TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS
  • IP routing

You are expected to have one or more of the following basic technical competencies or equivalent knowledge:

  • Cisco certification (CCENT certification or higher)
  • Relevant industry certification [International Information System Security Certification Consortium ((ISC)2), Computing Technology Industry Association (CompTIA) Security+, International Council of Electronic Commerce Consultants (EC-Council), Global Information Assurance Certification (GIAC), ISACA]
  • Cisco Networking Academy letter of completion (CCNA 1 and CCNA 2)
  • Windows expertise: Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE)], CompTIA (A+, Network+, Server+)


Certification: (300-725 SWSA), which leads to CCNP® Security and the Cisco Certified Specialist - Web Content Security certifications.

Course Objectives

This class will help you:

  • Implement Cisco WSA to secure web gateways, provide malware protection, and use policy controls to address the challenges of securing and controlling web traffic
  • Gain valuable hands-on skills for high-demand responsibilities focused on web security

After taking this course, you should be able to:

  • Describe Cisco WSA
  • Deploy proxy services
  • Utilize authentication
  • Describe decryption policies to control HTTPS traffic
  • Understand differentiated traffic access policies and identification profiles
  • Enforce acceptable use control settings
  • Defend against malware
  • Describe data security and data loss prevention
  • Perform administration and troubleshooting

Follow On Courses

Outline: Securing the Web with Cisco Web Security Appliance (SWSA)

Describing Cisco WSA
  • Technology Use Case
  • Cisco WSA Solution
  • Cisco WSA Features
  • Cisco WSA Architecture
  • Proxy Service
  • Integrated Layer 4 Traffic Monitor
  • Data Loss Prevention
  • Cisco Cognitive Intelligence
  • Management Tools
  • Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration
  • Cisco Content Security Management Appliance (SMA)
Deploying Proxy Services
  • Explicit Forward Mode vs. Transparent Mode
  • Transparent Mode Traffic Redirection
  • Web Cache Control Protocol
  • Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow
  • Proxy Bypass
  • Proxy Caching
  • Proxy Auto-Config (PAC) Files
  • FTP Proxy
  • Socket Secure (SOCKS) Proxy
  • Proxy Access Log and HTTP Headers
  • Customizing Error Notifications with End User Notification (EUN) Pages
Utilizing Authentication
  • Authentication Protocols
  • Authentication Realms
  • Tracking User Credentials
  • Explicit (Forward) and Transparent Proxy Mode
  • Bypassing Authentication with Problematic Agents
  • Reporting and Authentication
  • Re-Authentication
  • FTP Proxy Authentication
  • Troubleshooting Joining Domains and Test Authentication
  • Integration with Cisco Identity Services Engine (ISE)
Creating Decryption Policies to Control HTTPS Traffic
  • Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview
  • Certificate Overview
  • Overview of HTTPS Decryption Policies
  • Activating HTTPS Proxy Function
  • Access Control List (ACL) Tags for HTTPS Inspection
  • Access Log Examples
Understanding Differentiated Traffic Access Policies and Identification Profiles
  • Overview of Access Policies
  • Access Policy Groups
  • Overview of Identification Profiles
  • Identification Profiles and Authentication
  • Access Policy and Identification Profiles Processing Order
  • Other Policy Types
  • Access Log Examples
  • ACL Decision Tags and Policy Groups
  • Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications
Defending Against Malware
  • Web Reputation Filters
  • Anti-Malware Scanning
  • Scanning Outbound Traffic
  • Anti-Malware and Reputation in Policies
  • File Reputation Filtering and File Analysis
  • Cisco Advanced Malware Protection
  • File Reputation and Analysis Features
  • Integration with Cisco Cognitive Intelligence
Enforcing Acceptable Use Control Settings
  • Controlling Web Usage
  • URL Filtering
  • URL Category Solutions
  • Dynamic Content Analysis Engine
  • Web Application Visibility and Control
  • Enforcing Media Bandwidth Limits
  • Software as a Service (SaaS) Access Control
  • Filtering Adult Content
Data Security and Data Loss Prevention
  • Data Security
  • Cisco Data Security Solution
  • Data Security Policy Definitions
  • Data Security Logs
Performing Administration and Troubleshooting
  • Monitor the Cisco Web Security Appliance
  • Cisco WSA Reports
  • Monitoring System Activity Through Logs
  • System Administration Tasks
  • Troubleshooting
  • Command Line Interface
References
  • Comparing Cisco WSA Models
  • Comparing Cisco SMA Models
  • Overview of Connect, Install, and Configure
  • Deploying the Cisco Web Security Appliance Open Virtualization Format (OVF) Template
  • Mapping Cisco Web Security Appliance Virtual Machine (VM) Ports to Correct Networks
  • Connecting to the Cisco Web Security Virtual Appliance
  • Enabling Layer 4 Traffic Monitor (L4TM)
  • Accessing and Running the System Setup Wizard
  • Reconnecting to the Cisco Web Security Appliance
  • High Availability Overview
  • Hardware Redundancy
  • Introducing Common Address Redundancy Protocol (CARP)
  • Configuring Failover Groups for High Availability
  • Feature Comparison Across Traffic Redirection Options
  • Architecture Scenarios When Deploying Cisco AnyConnect® Secure Mobility
Lab outline
  • Configure the Cisco Web Security Appliance
  • Deploy Proxy Services
  • Configure Proxy Authentication
  • Configure HTTPS Inspection
  • Create and Enforce a Time/Date-Based Acceptable Use Policy
  • Configure Advanced Malware Protection
  • Configure Referrer Header Exceptions
  • Utilize Third-Party Security Feeds and MS Office 365 External Feed
  • Validate an Intermediate Certificate
  • View Reporting Services and Web Tracking
  • Perform Centralized Cisco AsyncOS Software Upgrade Using Cisco SMA
Classroom Training

Duration 2 days

Price
  • Canada: CAD 2,395
  • Cisco Learning Credits: 22 CLC
Online Training

Duration 2 days

Price
  • Canada: CAD 2,395
  • Cisco Learning Credits: 22 CLC
 
Click on town name to book Schedule
This is an Instructor-Led Classroom course
Fast Lane will carry out all guaranteed training regardless of the number of attendees, exempt from force majeure or other unexpected events, like e.g. accidents or illness of the trainer, which prevent the course from being conducted.
This class will become guaranteed to run with one more student registration.
This computer icon in the schedule indicates that this date/time will be conducted as Instructor-Led Online Training.
This is a FLEX course, which is delivered both virtually and in the classroom.
Canada
Nov 14-15, 2019 Online Training 09:00 Canada/Central Enroll
United States
Nov 14-15, 2019 Guaranteed to Run Online Training 09:00 US/Central Enroll

Fast Lane Flex™ Classroom If you can't find a suitable date, don't forget to check our world-wide FLEX™ training schedule.

Europe
Germany
Nov 14-15, 2019 Munich Enroll
Jan 30-31, 2020 Düsseldorf Enroll
Mar 5-6, 2020 Frankfurt Enroll
Apr 2-3, 2020 Berlin Enroll
May 4-5, 2020 Münster Enroll
Jun 8-9, 2020 Munich Enroll
Jul 2-3, 2020 Hamburg Enroll
Jul 30-31, 2020 Berlin Enroll
Aug 27-28, 2020 Frankfurt Enroll
Sep 24-25, 2020 Düsseldorf Enroll
Oct 22-23, 2020 Hamburg Enroll
Nov 26-27, 2020 Munich Enroll
Czech Republic
Nov 11-12, 2019 This is a FLEX event Prague Course language: English Enroll
Online Training Time zone: Europe/Prague Enroll
France
Nov 28-29, 2019 Paris Enroll
Feb 6-7, 2020 Paris Enroll
Apr 9-10, 2020 Paris Enroll
Italy
Dec 19-20, 2019 Milan Enroll
Portugal
Nov 28-29, 2019 Lisbon Enroll
Jan 27-28, 2020 Lisbon Enroll
Jul 13-14, 2020 Lisbon Enroll
Spain
Nov 21-22, 2019 Madrid Enroll
Jan 20-21, 2020 Madrid Enroll
Jul 6-7, 2020 Madrid Enroll
United Kingdom
Apr 2-3, 2020 This is a FLEX event London, City Enroll
Online Training Time zone: Europe/London Enroll
Latin America
Brazil
Nov 4-5, 2019 Online Training Time zone: America/Sao_Paulo Enroll
Colombia
Oct 21-22, 2019 Online Training Time zone: America/Bogota Enroll
Middle East
Qatar
Oct 2-3, 2019 Doha Course language: English Enroll
United Arab Emirates
Oct 2-3, 2019 Dubai Course language: English This course is being delivered by iTLS. Enroll
Dec 11-12, 2019 Dubai Course language: English This course is being delivered by iTLS. Enroll
Feb 19-20, 2020 Dubai Course language: English This course is being delivered by iTLS. Enroll
May 20-21, 2020 Dubai Course language: English This course is being delivered by iTLS. Enroll
Aug 26-27, 2020 Dubai Course language: English This course is being delivered by iTLS. Enroll
Nov 18-19, 2020 Dubai Course language: English This course is being delivered by iTLS. Enroll
Africa
Egypt
Oct 2-3, 2019 Cairo Course language: English Enroll
Dec 11-12, 2019 Cairo Course language: English Enroll
Feb 12-13, 2020 Cairo Course language: English Enroll
May 13-14, 2020 Cairo Course language: English Enroll
Jul 15-16, 2020 Cairo Course language: English Enroll
Nov 18-19, 2020 Cairo Course language: English Enroll