1­-855­-778­-7246
> > > SWSA

Securing the Web with Cisco Web Security Appliance (SWSA)

 

Course Overview

Does your course booking qualify for free e-learning (and a cool Fast Lane t-shirt)? Find out with our new Gear that Rules promo!

Course Content

  • Describing Cisco WSA
  • Deploying Proxy Services
  • Utilizing Authentication
  • Creating Decryption Policies to Control HTTPS Traffic
  • Understanding Differentiated Traffic Access Policies and Identification Profiles
  • Defending Against Malware
  • Enforcing Acceptable Use Control Settings
  • Data Security and Data Loss Prevention
  • Performing Administration and Troubleshooting
  • References

Who should attend

  • Security architects
  • System designers
  • Network administrators
  • Operations engineers
  • Network managers, network or security technicians, and security engineers and managers responsible for web security
  • Cisco integrators and partners

Prerequisites

To fully benefit from this course, you should have knowledge of these topics:

  • TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS
  • IP routing

You are expected to have one or more of the following basic technical competencies or equivalent knowledge:

  • Cisco certification (CCENT certification or higher)
  • Relevant industry certification [International Information System Security Certification Consortium ((ISC)2), Computing Technology Industry Association (CompTIA) Security+, International Council of Electronic Commerce Consultants (EC-Council), Global Information Assurance Certification (GIAC), ISACA]
  • Cisco Networking Academy letter of completion (CCNA 1 and CCNA 2)
  • Windows expertise: Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE)], CompTIA (A+, Network+, Server+)

Course Objectives

The Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 course shows you how to implement, use, and maintain Cisco® Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you’ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution’s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.

This class will help you:

  • Implement Cisco WSA to secure web gateways, provide malware protection, and use policy controls to address the challenges of securing and controlling web traffic
  • Gain valuable hands-on skills for high-demand responsibilities focused on web security

After taking this course, you should be able to:

  • Describe Cisco WSA
  • Deploy proxy services
  • Utilize authentication
  • Describe decryption policies to control HTTPS traffic
  • Understand differentiated traffic access policies and identification profiles
  • Enforce acceptable use control settings
  • Defend against malware
  • Describe data security and data loss prevention
  • Perform administration and troubleshooting

Follow On Courses

Outline: Securing the Web with Cisco Web Security Appliance (SWSA)

Describing Cisco WSA
  • Technology Use Case
  • Cisco WSA Solution
  • Cisco WSA Features
  • Cisco WSA Architecture
  • Proxy Service
  • Integrated Layer 4 Traffic Monitor
  • Data Loss Prevention
  • Cisco Cognitive Intelligence
  • Management Tools
  • Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration
  • Cisco Content Security Management Appliance (SMA)
Deploying Proxy Services
  • Explicit Forward Mode vs. Transparent Mode
  • Transparent Mode Traffic Redirection
  • Web Cache Control Protocol
  • Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow
  • Proxy Bypass
  • Proxy Caching
  • Proxy Auto-Config (PAC) Files
  • FTP Proxy
  • Socket Secure (SOCKS) Proxy
  • Proxy Access Log and HTTP Headers
  • Customizing Error Notifications with End User Notification (EUN) Pages
Utilizing Authentication
  • Authentication Protocols
  • Authentication Realms
  • Tracking User Credentials
  • Explicit (Forward) and Transparent Proxy Mode
  • Bypassing Authentication with Problematic Agents
  • Reporting and Authentication
  • Re-Authentication
  • FTP Proxy Authentication
  • Troubleshooting Joining Domains and Test Authentication
  • Integration with Cisco Identity Services Engine (ISE)
Creating Decryption Policies to Control HTTPS Traffic
  • Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview
  • Certificate Overview
  • Overview of HTTPS Decryption Policies
  • Activating HTTPS Proxy Function
  • Access Control List (ACL) Tags for HTTPS Inspection
  • Access Log Examples
Understanding Differentiated Traffic Access Policies and Identification Profiles
  • Overview of Access Policies
  • Access Policy Groups
  • Overview of Identification Profiles
  • Identification Profiles and Authentication
  • Access Policy and Identification Profiles Processing Order
  • Other Policy Types
  • Access Log Examples
  • ACL Decision Tags and Policy Groups
  • Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications
Defending Against Malware
  • Web Reputation Filters
  • Anti-Malware Scanning
  • Scanning Outbound Traffic
  • Anti-Malware and Reputation in Policies
  • File Reputation Filtering and File Analysis
  • Cisco Advanced Malware Protection
  • File Reputation and Analysis Features
  • Integration with Cisco Cognitive Intelligence
Enforcing Acceptable Use Control Settings
  • Controlling Web Usage
  • URL Filtering
  • URL Category Solutions
  • Dynamic Content Analysis Engine
  • Web Application Visibility and Control
  • Enforcing Media Bandwidth Limits
  • Software as a Service (SaaS) Access Control
  • Filtering Adult Content
Data Security and Data Loss Prevention
  • Data Security
  • Cisco Data Security Solution
  • Data Security Policy Definitions
  • Data Security Logs
Performing Administration and Troubleshooting
  • Monitor the Cisco Web Security Appliance
  • Cisco WSA Reports
  • Monitoring System Activity Through Logs
  • System Administration Tasks
  • Troubleshooting
  • Command Line Interface
References
  • Comparing Cisco WSA Models
  • Comparing Cisco SMA Models
  • Overview of Connect, Install, and Configure
  • Deploying the Cisco Web Security Appliance Open Virtualization Format (OVF) Template
  • Mapping Cisco Web Security Appliance Virtual Machine (VM) Ports to Correct Networks
  • Connecting to the Cisco Web Security Virtual Appliance
  • Enabling Layer 4 Traffic Monitor (L4TM)
  • Accessing and Running the System Setup Wizard
  • Reconnecting to the Cisco Web Security Appliance
  • High Availability Overview
  • Hardware Redundancy
  • Introducing Common Address Redundancy Protocol (CARP)
  • Configuring Failover Groups for High Availability
  • Feature Comparison Across Traffic Redirection Options
  • Architecture Scenarios When Deploying Cisco AnyConnect® Secure Mobility
Lab outline
  • Configure the Cisco Web Security Appliance
  • Deploy Proxy Services
  • Configure Proxy Authentication
  • Configure HTTPS Inspection
  • Create and Enforce a Time/Date-Based Acceptable Use Policy
  • Configure Advanced Malware Protection
  • Configure Referrer Header Exceptions
  • Utilize Third-Party Security Feeds and MS Office 365 External Feed
  • Validate an Intermediate Certificate
  • View Reporting Services and Web Tracking
  • Perform Centralized Cisco AsyncOS Software Upgrade Using Cisco SMA
Classroom Training

Duration 2 days

Price
  • Canada: CAD 2,395
  • Cisco Learning Credits: 22 CLC
Online Training

Duration 2 days

Price
  • Canada: CAD 2,395
  • Cisco Learning Credits: 22 CLC
 
Click on town name to book Schedule
This is an Instructor-Led Classroom course
This class will become guaranteed to run with one more student registration.
This computer icon in the schedule indicates that this date/time will be conducted as Instructor-Led Online Training.
This is a FLEX course, which is delivered both virtually and in the classroom.
Canada
Aug 22-23, 2019 Online Training 09:00 Canada/Eastern Enroll
Nov 14-15, 2019 Online Training 09:00 Canada/Central Enroll
United States
Aug 22-23, 2019 Online Training 09:00 US/Eastern Enroll
Nov 14-15, 2019 Online Training 09:00 US/Central Enroll
Europe
Germany
Aug 15-16, 2019 Düsseldorf Enroll
Nov 14-15, 2019 Munich Enroll
Jan 30-31, 2020 Düsseldorf Enroll
Mar 5-6, 2020 Frankfurt Enroll
Apr 2-3, 2020 Berlin Enroll
May 4-5, 2020 Münster Enroll
Jun 8-9, 2020 Munich Enroll
Jul 2-3, 2020 Hamburg Enroll
Jul 30-31, 2020 Berlin Enroll
Aug 27-28, 2020 Frankfurt Enroll
Czech Republic
Nov 11-12, 2019 This is a FLEX event Prague Course language: English Enroll
Online Training Time zone: Europe/Prague Enroll
France
Sep 12-13, 2019 Paris Enroll
Nov 28-29, 2019 Paris Enroll
Feb 6-7, 2020 Paris Enroll
Apr 9-10, 2020 Paris Enroll
Hungary
Sep 16-17, 2019 This is a FLEX event Budapest Course language: English Enroll
Online Training Time zone: Europe/Budapest Enroll
Italy
Sep 19-20, 2019 Rome Enroll
Dec 19-20, 2019 Milan Enroll
Portugal
Nov 28-29, 2019 Lisbon Enroll
Spain
Nov 21-22, 2019 Madrid Enroll
Switzerland
Aug 29-30, 2019 Zurich Enroll
United Kingdom
Sep 12-13, 2019 This is a FLEX event London, City Enroll
Online Training Time zone: Europe/London Enroll
Latin America
Brazil
Sep 2-3, 2019 Online Training Time zone: America/Sao_Paulo Enroll
Nov 4-5, 2019 Online Training Time zone: America/Sao_Paulo Enroll
Chile
Aug 26-27, 2019 Online Training Time zone: America/Santiago Enroll
Colombia
Oct 21-22, 2019 Online Training Time zone: America/Bogota Enroll
Middle East
Qatar
Oct 2-3, 2019 Doha Course language: English Enroll
United Arab Emirates
Oct 2-3, 2019 Dubai Course language: English This course is being delivered by iTLS. Enroll
Dec 11-12, 2019 Dubai Course language: English This course is being delivered by iTLS. Enroll
Africa
Egypt
Oct 2-3, 2019 Cairo Course language: English Enroll
Dec 11-12, 2019 Cairo Course language: English Enroll