Associated Certifications
CCNP Security, Cisco Certified Specialist-Web Content Security
Required Exam(s)
300-725 SWSA
Instructorctclc admin
TypeOnline Course
Duration
2 Days
Methods of Delivery
ILT, VIRTUAL, On-Site
Price$2195.00 / 22 CLCs
Buy NowBook Now

The Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 course shows you how to implement, use, and maintain Cisco® Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you’ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution’s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.

This course helps you prepare to take the exam, Securing the Web with Cisco Web Security Appliance (300-725 SWSA), which leads to CCNP® Security and the Cisco Certified Specialist – Web Content Security.

Course Objectives

Who Should Attend

Perquisites

Course Outline

Download Outline

Upon completing this course, the student will be able to meet these objectives:

  • Describe Cisco WSA
  • Deploy proxy services
  • Utilize authentication
  • Describe decryption policies to control HTTPS traffic
  • Understand differentiated traffic access policies and identification profiles
  • Enforce acceptable use control settings
  • Defend against malware
  • Describe data security and data loss prevention
  • Perform administration and troubleshooting

The primary audience for this course is as follows:

  • Security Architects
  • System Designers
  • Network Administrators
  • Operations Engineers
  • Network Managers, Network or Security Technicians, and Security Engineers and Managers responsible for web security
  • Cisco Integrators and Partners

  • TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS
  • IP routing

Module 1: Describing Cisco WSA

  • Technology Use Case
    Cisco WSA Solution
    Cisco WSA Features
    Cisco WSA Architecture
    Proxy Service
    Integrated Layer 4 Traffic Monitor
    Data Loss Prevention
    Cisco Cognitive Intelligence
    Management Tools
    Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration
    Cisco Content Security Management Appliance (SMA)

Module 2: Deploying Proxy Services

  • Explicit Forward Mode vs. Transparent Mode
    Transparent Mode Traffic Redirection
    Web Cache Control Protocol
    Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow
    Proxy Bypass
    Proxy Caching
    Proxy Auto-Config (PAC) Files
    FTP Proxy
    Socket Secure (SOCKS) Proxy
    Proxy Access Log and HTTP Headers
    Customizing Error Notifications with End User Notification (EUN) Pages

Module 3: Utilizing Authentication

  • Authentication Protocols
    Authentication Realms
    Tracking User Credentials
    Explicit (Forward) and Transparent Proxy Mode
    Bypassing Authentication with Problematic Agents
    Reporting and Authentication
    Re-Authentication
    FTP Proxy Authentication
    Troubleshooting Joining Domains and Test Authentication
    Integration with Cisco Identity Services Engine (ISE)

Module 4: Creating Decryption Policies to Control HTTPS Traffic

  • Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview
    Certificate Overview
    Overview of HTTPS Decryption Policies
    Activating HTTPS Proxy Function
    Access Control List (ACL) Tags for HTTPS Inspection
    Access Log Examples

Module 5: Understanding Differentiated Traffic Access Policies and Identification Profiles

  • Overview of Access Policies
    Access Policy Groups
    Overview of Identification Profiles
    Identification Profiles and Authentication
    Access Policy and Identification Profiles Processing Order
    Other Policy Types
    Access Log Examples
    ACL Decision Tags and Policy Groups
    Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications

Module 6: Defending Against Malware

  • Web Reputation Filters
    Anti-Malware Scanning
    Scanning Outbound Traffic
    Anti-Malware and Reputation in Policies
    File Reputation Filtering and File Analysis
    Cisco Advanced Malware Protection
    File Reputation and Analysis Features
    Integration with Cisco Cognitive Intelligence

Module 7: Enforcing Acceptable Use Control Settings

  • Controlling Web Usage
    URL Filtering
    URL Category Solutions
    Dynamic Content Analysis Engine
    Web Application Visibility and Control
    Enforcing Media Bandwidth Limits
    Software as a Service (SaaS) Access Control
    Filtering Adult Content

Module 8: Data Security and Data Loss Prevention

  • Data Security
    Cisco Data Security Solution
    Data Security Policy Definitions
    Data Security Logs

Module 9: Performing Administration and Troubleshooting

  • Monitor the Cisco Web Security Appliance
    Cisco WSA Reports
    Monitoring System Activity Through Logs
    System Administration Tasks
    Troubleshooting
    Command Line Interface

Module 10: References

  • Comparing Cisco WSA Models
    Comparing Cisco SMA Models
    Overview of Connect, Install, and Configure
    Deploying the Cisco Web Security Appliance Open Virtualization Format (OVF) Template
    Mapping Cisco Web Security Appliance Virtual Machine (VM) Ports to Correct Networks
    Connecting to the Cisco Web Security Virtual Appliance
    Enabling Layer 4 Traffic Monitor (L4TM)
    Accessing and Running the System Setup Wizard
    Reconnecting to the Cisco Web Security Appliance
    High Availability Overview
    Hardware Redundancy
    Introducing Common Address Redundancy Protocol (CARP)
    Configuring Failover Groups for High Availability
    Feature Comparison Across Traffic Redirection Options
    Architecture Scenarios When Deploying Cisco AnyConnect® Secure Mobility

 

LAB OUTLINE

  • Configure the Cisco Web Security Appliance
  • Deploy Proxy Services
    Configure Proxy Authentication
    Configure HTTPS Inspection
    Create and Enforce a Time/Date-Based Acceptable Use Policy
    Configure Advanced Malware Protection
    Configure Referrer Header Exceptions
    Utilize Third-Party Security Feeds and MS Office 365 External Feed
    Validate an Intermediate Certificate
    View Reporting Services and Web Tracking
    Perform Centralized Cisco AsyncOS Software Upgrade Using Cisco SMA

SWSA