Priyank Sharma, profile picture
Uploaded byPriyank Sharma
PPTX, PDF3,729 views

Cisco Ironport WSA- Introduction and Guide in Short

The document provides an overview of Cisco IronPort Web Security Appliance (WSA) device series specifications, including user capacity and architecture based on AsyncOS. It describes various modes of operation such as explicit and transparent modes, alongside packet flow and policy actions like monitoring, decrypting, and dropping connections. Additionally, it includes an example of log reading, detailing the information captured during a web request cycle.

Technology
Related topics:
Network Security

Embed presentation

Downloaded 46 times
1 CISCO IRONPORT WSA (Web Security Appliance)
Device Series • S 170 (Upto 1,500 users) • S 370 (1,500 – 6,000) • S 670 (6,000 – 12,000) • IRONPORT use AsyncOS (FreeBSD Kernel).
Architecture Terms Modes • Identity • Policy • Policy Action • URL Filtering • AVS • Explicit Mode • Transparent Mode
Packet Flow GET Request Check Identity Policy Policy Action OUTPUT
Policy Action • User Global Setting : Uses the action for this category in the global Decryption policy group. • Pass Through: Passes through the connection between the client and the server without inspecting the traffic content. • Monitor : The Web Proxy neither allows nor blocks the request. Instead, it continues to evaluate the client request against other policy group control settings, such as web reputation filtering. • Decrypt: Allows the connection, but inspects the traffic content. The appliance decrypts the traffic and applies Access Policies to the decrypted traffic as if it were a plaintext HTTP connection. • Drop: Drop the connection does not pass the connection request to the server.
Log Reading • 1278096903.150 97 172.xx.xx.xx TCP_MISS/200 8187 GET http://my.site.com/ - DIRECT/my.site.com text/plain DEFAULT_CASE_11-AccessOrDecryptionPolicy- Identity-OutboundMalwareScanningPolicy-DataSecurityPolicy-ExternalDLPPolicy- RoutingPolicy <IW_comp,6.9,"Skipped","-",-,-,-,"-","-",-,-,-,"-","-","-","-","-",-,- ,IW_comp,-,"-","-","Unknown","Unknown","-","-",198.34,0,-,"-","-"> - o 1278096903.150 97 : Time Stamp since UNIX epoch o 97 : Elapsed time (latency) in milliseconds o 172.xx.xx.xx : Client IP address o TCP_MISS : Transactional result code. o 200 HTTP Response code o 8187: Response size (Headers + body) o GET http://my.site.com : First line of request. o DIRECT/my.site.com : Code that describes which server was contacted for the retrieving the request content, Types: NONE, DIRECT, DEFAULT PARENT o Text/plain : Response body MIME Type o AccessOrDescytptionPolicy : Access or Decryption policy name.
Thank You • Feel free to contact me for any queries.

More Related Content

PDF
Web Security Deployment
byCisco Canada
 
PPTX
Setting up Cisco WSA Proxy in Transparent and Explicit Mode
byDhruv Sharma
 
PDF
Introduction to OAuth2.0
byOracle Corporation
 
PDF
OpenID Connect Explained
byVladimir Dzhuvinov
 
PPTX
OAuth 2
byChrisWood262
 
PPTX
OAuth2 + API Security
byAmila Paranawithana
 
PDF
RESTful API Design
byAmigo 陳兆祥
 
PPTX
Multi-Tenant Approach
byPerfectial, LLC
 
Web Security Deployment
byCisco Canada
 
Setting up Cisco WSA Proxy in Transparent and Explicit Mode
byDhruv Sharma
 
Introduction to OAuth2.0
byOracle Corporation
 
OpenID Connect Explained
byVladimir Dzhuvinov
 
OAuth 2
byChrisWood262
 
OAuth2 + API Security
byAmila Paranawithana
 
RESTful API Design
byAmigo 陳兆祥
 
Multi-Tenant Approach
byPerfectial, LLC
 

What's hot

PPTX
REST & RESTful Web Services
byHalil Burak Cetinkaya
 
PDF
OpenID for Verifiable Credentials @ IIW 36
byTorsten Lodderstedt
 
PPT
Secure shell ppt
bysravya raju
 
PPTX
Cisco ASA Firewall Presentation - ZABTech center Hyderabad
byMehtabRohela
 
PDF
오픈스택 기반 클라우드 서비스 구축 방안 및 사례
bySONG INSEOB
 
PPTX
Cisco ASA Firewalls
byBryley Systems Inc.
 
PPTX
The Rise of Secrets Management
byAkeyless
 
PDF
OAuth 2.0
byUwe Friedrichsen
 
PDF
OAuth 2.0 and OpenID Connect
byJacob Combs
 
PPTX
WLAN:VPN Security
by@zenafaris91
 
PPTX
Demystifying Networking Webinar Series- Routing on the Host
byCumulus Networks
 
PPTX
Applying OWASP web security testing guide (OWSTG)
byVandana Verma
 
PDF
OAuth
byIván Fernández Perea
 
PDF
Nikto
bySorina Chirilă
 
PDF
Nessus Software
byMegha Sahu
 
PDF
SSH - Secure Shell
byPeter R. Egli
 
PDF
SSRF workshop
byIvan Novikov
 
PPTX
Introduction of firewall slides
byrahul kundu
 
ODP
pfSense presentation
bySimon Vass
 
ODP
Introduction to Ansible
byKnoldus Inc.
 
REST & RESTful Web Services
byHalil Burak Cetinkaya
 
OpenID for Verifiable Credentials @ IIW 36
byTorsten Lodderstedt
 
Secure shell ppt
bysravya raju
 
Cisco ASA Firewall Presentation - ZABTech center Hyderabad
byMehtabRohela
 
오픈스택 기반 클라우드 서비스 구축 방안 및 사례
bySONG INSEOB
 
Cisco ASA Firewalls
byBryley Systems Inc.
 
The Rise of Secrets Management
byAkeyless
 
OAuth 2.0
byUwe Friedrichsen
 
OAuth 2.0 and OpenID Connect
byJacob Combs
 
WLAN:VPN Security
by@zenafaris91
 
Demystifying Networking Webinar Series- Routing on the Host
byCumulus Networks
 
Applying OWASP web security testing guide (OWSTG)
byVandana Verma
 
OAuth
byIván Fernández Perea
 
Nikto
bySorina Chirilă
 
Nessus Software
byMegha Sahu
 
SSH - Secure Shell
byPeter R. Egli
 
SSRF workshop
byIvan Novikov
 
Introduction of firewall slides
byrahul kundu
 
pfSense presentation
bySimon Vass
 
Introduction to Ansible
byKnoldus Inc.
 

Viewers also liked

PPTX
Cisco Web and Email Security Overview
byCisco Security
 
PDF
Presentation cisco iron port email & web security
byxKinAnx
 
PPTX
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
byCisco Security
 
PPT
checkpoint
byMayank Dhingra
 
PPTX
Check Point Virtual Systems
byGroup of company MUK
 
PPTX
Check Point sizing security
byGroup of company MUK
 
PDF
Course 06
bySaravuth kong
 
PDF
Deployment of cisco_iron_portweb_security_appliance
byAlfredo Boiero Sanders
 
PPTX
DEVNET-1180 Security from the Cloud
byCisco DevNet
 
PDF
Check point presentation june 2014
byDavid Berkelmans
 
PPTX
Checkpoint r77
byMinh Dương
 
PDF
Sponsorship Kit
byemasta15
 
Cisco Web and Email Security Overview
byCisco Security
 
Presentation cisco iron port email & web security
byxKinAnx
 
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
byCisco Security
 
checkpoint
byMayank Dhingra
 
Check Point Virtual Systems
byGroup of company MUK
 
Check Point sizing security
byGroup of company MUK
 
Course 06
bySaravuth kong
 
Deployment of cisco_iron_portweb_security_appliance
byAlfredo Boiero Sanders
 
DEVNET-1180 Security from the Cloud
byCisco DevNet
 
Check point presentation june 2014
byDavid Berkelmans
 
Checkpoint r77
byMinh Dương
 
Sponsorship Kit
byemasta15
 

Recently uploaded

PDF
How to Evaluate a High Performance Database
byScyllaDB
 
PPTX
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
PDF
Workshop on Sustaining & Growing Open Source Communities - GAS2025
bySammy Fung
 
PDF
100 Insights After the 200th Issue of NewMind AI Journal
byNewMind AI
 
PDF
HCSP-Presales-Campus Network Planning and Design V2.0
byVeronica916344
 
PPTX
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
PDF
Internet_of_Things_IoT_for_Next_Generation_Smart_Systems_Utilizing.pdf
byRoshanSyed12
 
PDF
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
PDF
Our Digital Tribe_ Cultivating Connection and Growth in Our Slack Community 🌿...
bysanjeetmishra30
 
PDF
CompTIA Cybersecurity Analyst (CySA+) CS0-003: Unit 5
byVICTOR MAESTRE RAMIREZ
 
PPTX
MGw_MRS Benfits seu beficios de redes 4g
byJoaquimBarros18
 
PDF
API-First Architecture in Financial Systems
bycyy111112
 
PDF
What Is a Private LLM and Why Enterprises Need It
byAivada
 
PPTX
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
PDF
AI Powered Document Processing and Data Extraction
byRobert McDermott
 
PDF
Exam Prep Plan Overview: Amazon Web Services (AWS) Certified
byVICTOR MAESTRE RAMIREZ
 
PDF
Day 4 - Access, Deployments, and Monitoring - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
PPTX
Gemini vs ChatGPT : Comparing Top AI Models
byDigicarrom
 
PPTX
communication-skills-with-technology tools
byJaleto Sunkemo
 
PPTX
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
How to Evaluate a High Performance Database
byScyllaDB
 
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
Workshop on Sustaining & Growing Open Source Communities - GAS2025
bySammy Fung
 
100 Insights After the 200th Issue of NewMind AI Journal
byNewMind AI
 
HCSP-Presales-Campus Network Planning and Design V2.0
byVeronica916344
 
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
Internet_of_Things_IoT_for_Next_Generation_Smart_Systems_Utilizing.pdf
byRoshanSyed12
 
Real-Time Data Insight Using Microsoft Forms for Business
byElevate
 
Our Digital Tribe_ Cultivating Connection and Growth in Our Slack Community 🌿...
bysanjeetmishra30
 
CompTIA Cybersecurity Analyst (CySA+) CS0-003: Unit 5
byVICTOR MAESTRE RAMIREZ
 
MGw_MRS Benfits seu beficios de redes 4g
byJoaquimBarros18
 
API-First Architecture in Financial Systems
bycyy111112
 
What Is a Private LLM and Why Enterprises Need It
byAivada
 
From Backup to Resilience: How MSPs Are Preparing for 2026
byMSP360
 
AI Powered Document Processing and Data Extraction
byRobert McDermott
 
Exam Prep Plan Overview: Amazon Web Services (AWS) Certified
byVICTOR MAESTRE RAMIREZ
 
Day 4 - Access, Deployments, and Monitoring - 2nd Sight Lab Cloud Security Class
by2nd Sight Lab
 
Gemini vs ChatGPT : Comparing Top AI Models
byDigicarrom
 
communication-skills-with-technology tools
byJaleto Sunkemo
 
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 

Cisco Ironport WSA- Introduction and Guide in Short

  • 1.
    1 CISCO IRONPORT WSA (WebSecurity Appliance)
  • 2.
    Device Series • S170 (Upto 1,500 users) • S 370 (1,500 – 6,000) • S 670 (6,000 – 12,000) • IRONPORT use AsyncOS (FreeBSD Kernel).
  • 3.
    Architecture Terms Modes • Identity •Policy • Policy Action • URL Filtering • AVS • Explicit Mode • Transparent Mode
  • 4.
  • 5.
    Policy Action • UserGlobal Setting : Uses the action for this category in the global Decryption policy group. • Pass Through: Passes through the connection between the client and the server without inspecting the traffic content. • Monitor : The Web Proxy neither allows nor blocks the request. Instead, it continues to evaluate the client request against other policy group control settings, such as web reputation filtering. • Decrypt: Allows the connection, but inspects the traffic content. The appliance decrypts the traffic and applies Access Policies to the decrypted traffic as if it were a plaintext HTTP connection. • Drop: Drop the connection does not pass the connection request to the server.
  • 6.
    Log Reading • 1278096903.15097 172.xx.xx.xx TCP_MISS/200 8187 GET http://my.site.com/ - DIRECT/my.site.com text/plain DEFAULT_CASE_11-AccessOrDecryptionPolicy- Identity-OutboundMalwareScanningPolicy-DataSecurityPolicy-ExternalDLPPolicy- RoutingPolicy <IW_comp,6.9,"Skipped","-",-,-,-,"-","-",-,-,-,"-","-","-","-","-",-,- ,IW_comp,-,"-","-","Unknown","Unknown","-","-",198.34,0,-,"-","-"> - o 1278096903.150 97 : Time Stamp since UNIX epoch o 97 : Elapsed time (latency) in milliseconds o 172.xx.xx.xx : Client IP address o TCP_MISS : Transactional result code. o 200 HTTP Response code o 8187: Response size (Headers + body) o GET http://my.site.com : First line of request. o DIRECT/my.site.com : Code that describes which server was contacted for the retrieving the request content, Types: NONE, DIRECT, DEFAULT PARENT o Text/plain : Response body MIME Type o AccessOrDescytptionPolicy : Access or Decryption policy name.
  • 7.
    Thank You • Feelfree to contact me for any queries.