-
This course shows you how to implement, use, and maintain Cisco® Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you’ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution’s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.
-
Course Contents
-
- Describing Cisco WSA
- Deploying Proxy Services
- Utilizing Authentication
- Creating Decryption Policies to Control HTTPS Traffic
- Understanding Differentiated Traffic Access Policies and Identification Profiles
- Defending Against Malware
- Enforcing Acceptable Use Control Settings
- Data Security and Data Loss Prevention
- Performing Administration and Troubleshooting
- References
You will receive the original course documentation from Cisco in English language as a Cisco E-Book. In the Cisco Digital Learning Version, the content of the courseware is integrated into the learning interface instead.
-
Target Group
-
- Security architects
- System designers
- Network administrators
- Operations engineers
- Network managers, network or security technicians, and security engineers and managers responsible for web security
- Cisco integrators and partners
-
Knowledge Prerequisites
-
To fully benefit from this course, you should have knowledge of these topics:
- TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS
- IP routing
You are expected to have one or more of the following basic technical competencies or equivalent knowledge:
- Cisco certification (CCENT certification or higher)
- Relevant industry certification [International Information System Security Certification Consortium ((ISC)2), Computing Technology Industry Association (CompTIA) Security+, International Council of Electronic Commerce Consultants (EC-Council), Global Information Assurance Certification (GIAC), ISACA]
- Cisco Networking Academy letter of completion (CCNA 1 and CCNA 2)
- Windows expertise: Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE)], CompTIA (A+, Network+, Server+)
-
Complementary and Continuative Courses
-
SCOR – Implementing and Operating Cisco Security Core Technologies
SSNGFW – Securing Networks with Cisco Firepower Next Generation Firewall
SSFIPS – Securing Cisco Networks with Cisco Firepower Next-Generation IPS
SISE – Implementing and Configuring Cisco Identity Services Engine
SVPN – Implementing Secure Solutions with Virtual Private Networks
SESA – Securing Email with Cisco Email Security Appliance
SAUI – Implementing Automation for Cisco Security Solutions -
Course Objective
-
This course helps you prepare to take the exam, Securing the Web with Cisco Web Security Appliance (300-725 SWSA), which leads to CCNP® Security and the Cisco Certified Specialist - Web Content Security.
| Describing Cisco WSA |
| • Technology Use Case |
| • Cisco WSA Solution |
| • Cisco WSA Features |
| • Cisco WSA Architecture |
| • Proxy Service |
| • Integrated Layer 4 Traffic Monitor |
| • Data Loss Prevention |
| • Cisco Cognitive Intelligence |
| • Management Tools |
| • Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration |
| • Cisco Content Security Management Appliance (SMA) |
| Deploying Proxy Services |
| • Explicit Forward Mode vs. Transparent Mode |
| • Transparent Mode Traffic Redirection |
| • Web Cache Control Protocol |
| • Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow |
| • Proxy Bypass |
| • Proxy Caching |
| • Proxy Auto-Config (PAC) Files |
| • FTP Proxy |
| • Socket Secure (SOCKS) Proxy |
| • Proxy Access Log and HTTP Headers |
| • Customizing Error Notifications with End User Notification (EUN) Pages |
| Utilizing Authentication |
| • Authentication Protocols |
| • Authentication Realms |
| • Tracking User Credentials |
| • Explicit (Forward) and Transparent Proxy Mode |
| • Bypassing Authentication with Problematic Agents |
| • Reporting and Authentication |
| • Re-Authentication |
| • FTP Proxy Authentication |
| • Troubleshooting Joining Domains and Test Authentication |
| • Integration with Cisco Identity Services Engine (ISE) |
| Creating Decryption Policies to Control HTTPS Traffic |
| • Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview |
| • Certificate Overview |
| • Overview of HTTPS Decryption Policies |
| • Activating HTTPS Proxy Function |
| • Access Control List (ACL) Tags for HTTPS Inspection |
| • Access Log Examples |
| Understanding Differentiated Traffic Access Policies and Identification Profiles |
| • Overview of Access Policies |
| • Access Policy Groups |
| • Overview of Identification Profiles |
| • Identification Profiles and Authentication |
| • Access Policy and Identification Profiles Processing Order |
| • Other Policy Types |
| • Access Log Examples |
| • ACL Decision Tags and Policy Groups |
| • Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications |
| Defending Against Malware |
| • Web Reputation Filters |
| • Anti-Malware Scanning |
| • Scanning Outbound Traffic |
| • Anti-Malware and Reputation in Policies |
| • File Reputation Filtering and File Analysis |
| • Cisco Advanced Malware Protection |
| • File Reputation and Analysis Features |
| • Integration with Cisco Cognitive Intelligence |
| Enforcing Acceptable Use Control Settings |
| • Controlling Web Usage |
| • URL Filtering |
| • URL Category Solutions |
| • Dynamic Content Analysis Engine |
| • Web Application Visibility and Control |
| • Enforcing Media Bandwidth Limits |
| • Software as a Service (SaaS) Access Control |
| • Filtering Adult Content |
| Data Security and Data Loss Prevention |
| • Data Security |
| • Cisco Data Security Solution |
| • Data Security Policy Definitions |
| • Data Security Logs |
| Performing Administration and Troubleshooting |
| • Monitor the Cisco Web Security Appliance |
| • Cisco WSA Reports |
| • Monitoring System Activity Through Logs |
| • System Administration Tasks |
| • Troubleshooting |
| • Command Line Interface |
| References |
| • Comparing Cisco WSA Models |
| • Comparing Cisco SMA Models |
| • Overview of Connect, Install, and Configure |
| • Deploying the Cisco Web Security Appliance Open Virtualization Format (OVF) Template |
| • Mapping Cisco Web Security Appliance Virtual Machine (VM) Ports to Correct Networks |
| • Connecting to the Cisco Web Security Virtual Appliance |
| • Enabling Layer 4 Traffic Monitor (L4TM) |
| • Accessing and Running the System Setup Wizard |
| • Reconnecting to the Cisco Web Security Appliance |
| • High Availability Overview |
| • Hardware Redundancy |
| • Introducing Common Address Redundancy Protocol (CARP) |
| • Configuring Failover Groups for High Availability |
| • Feature Comparison Across Traffic Redirection Options |
| • Architecture Scenarios When Deploying Cisco AnyConnect® Secure Mobility |
| Lab Outline |
| • Configure the Cisco Web Security Appliance |
| • Deploy Proxy Services |
| • Configure Proxy Authentication |
| • Configure HTTPS Inspection |
| • Create and Enforce a Time/Date-Based Acceptable Use Policy |
| • Configure Advanced Malware Protection |
| • Configure Referrer Header Exceptions |
| • Utilize Third-Party Security Feeds and MS Office 365 External Feed |
| • Validate an Intermediate Certificate |
| • View Reporting Services and Web Tracking |
| • Perform Centralized Cisco AsyncOS Software Upgrade Using Cisco SMA |
You are interested in a certification? The course at hand is part of the following certification(s):
Certification as CCNP Security Certification
-
Classroom training
- Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!
-
Hybrid training
- Hybrid training means that online participants can additionally attend a classroom course. The dynamics of a real seminar are maintained, and the online participants are able to benefit from that. Online participants of a hybrid course use a collaboration platform, such as WebEx Training Center or Saba Meeting. To do this, a PC with browser and Internet access is required, as well as a headset and ideally a Web cam. In the seminar room, we use specially developed and customized audio- and video-technologies. This makes sure that the communication between all persons involved works in a convenient and fault-free way.
-
Online training
- You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.
-
Cisco Digital Learning
- This course is available in the Cisco Digital Learning Library. These recently developed, multi-modal training events include HD videos moderated by lecturers with stored searchable text and subtitles, as well as a exercises, labs, and explanatory text and graphics. We provide this offer to you via our myExperTeach learning portal. Effective of the activation of the account, access to the courses will be granted for a duration of 6 months. In the case of packet solutions (Cisco Digital Learning Subscriptions), this time period will amount to 12 months.
-
Tailor-made courses
-
You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.
Request for customized courses
You can find the complete description of this course with dates and prices ready for download at as PDF.-
This course shows you how to implement, use, and maintain Cisco® Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you’ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution’s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.
-
Course Contents
-
- Describing Cisco WSA
- Deploying Proxy Services
- Utilizing Authentication
- Creating Decryption Policies to Control HTTPS Traffic
- Understanding Differentiated Traffic Access Policies and Identification Profiles
- Defending Against Malware
- Enforcing Acceptable Use Control Settings
- Data Security and Data Loss Prevention
- Performing Administration and Troubleshooting
- References
You will receive the original course documentation from Cisco in English language as a Cisco E-Book. In the Cisco Digital Learning Version, the content of the courseware is integrated into the learning interface instead.
-
Target Group
-
- Security architects
- System designers
- Network administrators
- Operations engineers
- Network managers, network or security technicians, and security engineers and managers responsible for web security
- Cisco integrators and partners
-
Knowledge Prerequisites
-
To fully benefit from this course, you should have knowledge of these topics:
- TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS
- IP routing
You are expected to have one or more of the following basic technical competencies or equivalent knowledge:
- Cisco certification (CCENT certification or higher)
- Relevant industry certification [International Information System Security Certification Consortium ((ISC)2), Computing Technology Industry Association (CompTIA) Security+, International Council of Electronic Commerce Consultants (EC-Council), Global Information Assurance Certification (GIAC), ISACA]
- Cisco Networking Academy letter of completion (CCNA 1 and CCNA 2)
- Windows expertise: Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE)], CompTIA (A+, Network+, Server+)
-
Complementary and Continuative Courses
-
SCOR – Implementing and Operating Cisco Security Core Technologies
SSNGFW – Securing Networks with Cisco Firepower Next Generation Firewall
SSFIPS – Securing Cisco Networks with Cisco Firepower Next-Generation IPS
SISE – Implementing and Configuring Cisco Identity Services Engine
SVPN – Implementing Secure Solutions with Virtual Private Networks
SESA – Securing Email with Cisco Email Security Appliance
SAUI – Implementing Automation for Cisco Security Solutions -
Course Objective
-
This course helps you prepare to take the exam, Securing the Web with Cisco Web Security Appliance (300-725 SWSA), which leads to CCNP® Security and the Cisco Certified Specialist - Web Content Security.
| Describing Cisco WSA |
| • Technology Use Case |
| • Cisco WSA Solution |
| • Cisco WSA Features |
| • Cisco WSA Architecture |
| • Proxy Service |
| • Integrated Layer 4 Traffic Monitor |
| • Data Loss Prevention |
| • Cisco Cognitive Intelligence |
| • Management Tools |
| • Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration |
| • Cisco Content Security Management Appliance (SMA) |
| Deploying Proxy Services |
| • Explicit Forward Mode vs. Transparent Mode |
| • Transparent Mode Traffic Redirection |
| • Web Cache Control Protocol |
| • Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow |
| • Proxy Bypass |
| • Proxy Caching |
| • Proxy Auto-Config (PAC) Files |
| • FTP Proxy |
| • Socket Secure (SOCKS) Proxy |
| • Proxy Access Log and HTTP Headers |
| • Customizing Error Notifications with End User Notification (EUN) Pages |
| Utilizing Authentication |
| • Authentication Protocols |
| • Authentication Realms |
| • Tracking User Credentials |
| • Explicit (Forward) and Transparent Proxy Mode |
| • Bypassing Authentication with Problematic Agents |
| • Reporting and Authentication |
| • Re-Authentication |
| • FTP Proxy Authentication |
| • Troubleshooting Joining Domains and Test Authentication |
| • Integration with Cisco Identity Services Engine (ISE) |
| Creating Decryption Policies to Control HTTPS Traffic |
| • Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview |
| • Certificate Overview |
| • Overview of HTTPS Decryption Policies |
| • Activating HTTPS Proxy Function |
| • Access Control List (ACL) Tags for HTTPS Inspection |
| • Access Log Examples |
| Understanding Differentiated Traffic Access Policies and Identification Profiles |
| • Overview of Access Policies |
| • Access Policy Groups |
| • Overview of Identification Profiles |
| • Identification Profiles and Authentication |
| • Access Policy and Identification Profiles Processing Order |
| • Other Policy Types |
| • Access Log Examples |
| • ACL Decision Tags and Policy Groups |
| • Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications |
| Defending Against Malware |
| • Web Reputation Filters |
| • Anti-Malware Scanning |
| • Scanning Outbound Traffic |
| • Anti-Malware and Reputation in Policies |
| • File Reputation Filtering and File Analysis |
| • Cisco Advanced Malware Protection |
| • File Reputation and Analysis Features |
| • Integration with Cisco Cognitive Intelligence |
| Enforcing Acceptable Use Control Settings |
| • Controlling Web Usage |
| • URL Filtering |
| • URL Category Solutions |
| • Dynamic Content Analysis Engine |
| • Web Application Visibility and Control |
| • Enforcing Media Bandwidth Limits |
| • Software as a Service (SaaS) Access Control |
| • Filtering Adult Content |
| Data Security and Data Loss Prevention |
| • Data Security |
| • Cisco Data Security Solution |
| • Data Security Policy Definitions |
| • Data Security Logs |
| Performing Administration and Troubleshooting |
| • Monitor the Cisco Web Security Appliance |
| • Cisco WSA Reports |
| • Monitoring System Activity Through Logs |
| • System Administration Tasks |
| • Troubleshooting |
| • Command Line Interface |
| References |
| • Comparing Cisco WSA Models |
| • Comparing Cisco SMA Models |
| • Overview of Connect, Install, and Configure |
| • Deploying the Cisco Web Security Appliance Open Virtualization Format (OVF) Template |
| • Mapping Cisco Web Security Appliance Virtual Machine (VM) Ports to Correct Networks |
| • Connecting to the Cisco Web Security Virtual Appliance |
| • Enabling Layer 4 Traffic Monitor (L4TM) |
| • Accessing and Running the System Setup Wizard |
| • Reconnecting to the Cisco Web Security Appliance |
| • High Availability Overview |
| • Hardware Redundancy |
| • Introducing Common Address Redundancy Protocol (CARP) |
| • Configuring Failover Groups for High Availability |
| • Feature Comparison Across Traffic Redirection Options |
| • Architecture Scenarios When Deploying Cisco AnyConnect® Secure Mobility |
| Lab Outline |
| • Configure the Cisco Web Security Appliance |
| • Deploy Proxy Services |
| • Configure Proxy Authentication |
| • Configure HTTPS Inspection |
| • Create and Enforce a Time/Date-Based Acceptable Use Policy |
| • Configure Advanced Malware Protection |
| • Configure Referrer Header Exceptions |
| • Utilize Third-Party Security Feeds and MS Office 365 External Feed |
| • Validate an Intermediate Certificate |
| • View Reporting Services and Web Tracking |
| • Perform Centralized Cisco AsyncOS Software Upgrade Using Cisco SMA |
You are interested in a certification? The course at hand is part of the following certification(s):
Certification as CCNP Security Certification
-
Classroom training
- Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!
-
Hybrid training
- Hybrid training means that online participants can additionally attend a classroom course. The dynamics of a real seminar are maintained, and the online participants are able to benefit from that. Online participants of a hybrid course use a collaboration platform, such as WebEx Training Center or Saba Meeting. To do this, a PC with browser and Internet access is required, as well as a headset and ideally a Web cam. In the seminar room, we use specially developed and customized audio- and video-technologies. This makes sure that the communication between all persons involved works in a convenient and fault-free way.
-
Online training
- You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.
-
Cisco Digital Learning
- This course is available in the Cisco Digital Learning Library. These recently developed, multi-modal training events include HD videos moderated by lecturers with stored searchable text and subtitles, as well as a exercises, labs, and explanatory text and graphics. We provide this offer to you via our myExperTeach learning portal. Effective of the activation of the account, access to the courses will be granted for a duration of 6 months. In the case of packet solutions (Cisco Digital Learning Subscriptions), this time period will amount to 12 months.
-
Tailor-made courses
-
You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.
Request for customized courses
You can find the complete description of this course with dates and prices ready for download at as PDF.
Hybrid Training
Trainer language German