Today's interactive web technologies benefit businesses by helping them innovate and reduce costs. However, these same technologies introduce a new set of challenges. Every web interaction exposes companies to hidden cybersecurity threats, staff productivity losses, and significant business risks.
Overview
In today's highly connected and increasingly mobile world, with its complex and sophisticated threats, Cisco® Web Security delivers the strong protection, complete control, and investment value you need.
• Cisco Web Security solutions provide best-in-class uptime, zero-day threat protection, and integration with Cisco's market-leading family of security offerings.
• Users are protected everywhere, all the time, with safeguards including Cisco's unparalleled global threat-intelligence infrastructure.
• A single management interface delivers global control with policies that provide dynamic, context-based control of web applications by assessing user location, profile, and device.
• Cisco Web Security minimizes costs with fewer devices, faster integration, and simplified training. Resolve issues and avoid downtime with Cisco's world-class 24-hour support.
Features and Benefits
Threat Intelligence
Receive fast and comprehensive web protection backed by the largest threat-detection network in the world. Cisco Security Intelligence Operations (SIO) provides a 24-hour view into global traffic activity, enabling Cisco to analyze anomalies, uncover new threats, and monitor traffic trends. SIO generates new rules that feed updates every three to five minutes, providing industry-leading threat defense hours and even days ahead of competitors.
Real-Time Malware Scanning
Prevent zero-hour attacks with multiple antimalware engines running concurrently. Every piece of web content accessed - from HTML to images to Flash videos - is analyzed using security and context-aware scanning engines.
Eliminate the risks of misuse, compliance violations, and reduced productivity with Cisco's continuously updated URL database and real-time categorization of unknown URLs. Administrators can also select policies for intelligent HTTPS inspection.
Application Visibility and Control
Control mobile, collaborative, and Web 2.0 applications and enforce behaviors within those applications. Cisco Web Security identifies and provides controls for hundreds of applications and 150,000 micro-applications.
Data Loss Prevention (DLP)
Prevent confidential data from leaving the network by creating context-based rules for basic DLP. Cisco uses Internet Content Adaptation Protocol (ICAP) to integrate Cisco Web Security with any third-party DLP solution for advanced protection.
Secure Mobility
Protect roaming users by integrating Cisco Web Security with the Cisco AnyConnect® Secure Mobility Client.
Centralized Management and Reporting
Receive actionable insight across threats, data, and applications. Cisco Web Security solutions provide powerful centralized tools to control security operations, such as management, and network operations, such as analysis of bandwidth consumption.
Deployment Options
Flexible deployment options allow organizations to meet business requirements without buying more than necessary.
On-Premises
Cloud Connection Methods
Includes software for on-premises appliances like Cisco ASA 5500-X Series Next-Generation Firewalls, Cisco ISR Generation 2 (ISR G2) Routers, and Cisco Web Security Appliances, redirecting traffic to Cisco Cloud Web Security for web security functions.
Product Specifications
Tables 1 through 3 list specifications for the Cisco WSA, the Cisco WSAV, and Cisco Cloud Web Security, respectively.
Table 1. Cisco Web Security Appliance (WSA)
Users*
Model
Disk Space
RAID Mirroring
Memory
CPUs
Large Enterprise
6000-12000
S680
4.8 TB
(8x600 GB SAS)
Yes (RAID 10)
32 GB
16 (2 Octa Core)
2.70 Ghz
S670
2.7 TB
(6x450 GB SAS)
Yes (RAID 10)
8 GB
8 (2 Quad Core)
2.80 GHz
Midsize Office
1500-6000
S380
2.4 TB
(4x600 GB SAS)
Yes (RAID 10)
16 GB
6 (1 Hexa Core)
2.00 Ghz
S370
1.8 TB
(4x450 GB SAS)
Yes (RAID 10)
4 GB
4 (1 Quad Core)
2.26 GHz
SMB & Branch
< 1500
S170
500 GB
(2x250 GB SATA)
Yes (RAID 1)
4 GB
2 (1 Dual Core)
2.80 GHz
* Please confirm sizing guidance with a Cisco content security specialist to help ensure your solution will meet your current and projected needs.
Table 2. Cisco Web Security Virtual Appliance (WSAV)
Web Users**
Web Users
Model
Disk
Memory
Cores
<1000
S000v
250 GB
4 GB
1
1000-2999
S100v
250 GB
6 GB
2
3000-6000
S300v
1024 GB
8 GB
4
Servers
Cisco UCS®
ESXi 4.0 X 5.0 Hypervisor
** Please confirm sizing guidance with a Cisco content security specialist to help ensure your solution will meet your current and projected needs.
Table 3. Cisco Cloud Web Security (CWS)
Connection Methods
How Devices Authenticate to Cloud
SSL Tunneling
Whitelisting Options
How Devices Authenticate to Cloud
Native Connector
License key, egress IP
Yes
IP, IP ranges, URL, host, user agent
Explicit
WSA Connector
License key
No
IP, IP ranges
Transparent
ISR Connector
License key
No
IP, IP ranges, URL, host, user agent
Transparent
Firewall
License key
No
IP, IP ranges
Transparent
AnyConnect
License key
Yes
IP, IP ranges, host
Transparent
Licensing
Term-Based Subscription Licenses
Licenses are term-based subscriptions of one, three, or five years.
Quantity-Based Subscription Licenses
The Cisco Web Security portfolio uses tiered pricing based on the number of users. Sales and partner representatives can help to determine the correct tier for each customer deployment.
Cisco Web Security Appliance Licensing Options
1. Web Security Essentials: Protection and control of an organization's web traffic using URL filtering, reputation-based defense, and application visibility and control technologies
3. Cisco Web Security Premium: Web Security Essentials and real-time malware scanning
4. McAfee Antimalware: Real-time malware scanning available as a single license
All licenses include software subscription support. The Cisco End-User License Agreement (EULA) and the Cisco Web Security Supplemental End-User License Agreement (SEULA) are provided with each software license purchase.
Cisco Web Security Virtual Appliance Self-Service Provisioning
You can deploy as many virtual instances as needed; there is no limit, and there's no need to contact Cisco. New instances can be provided as needed with digital certificates.
Cisco Cloud Web Security Offer
Cisco Cloud Web Security provides a rich set of services through the Global Price List offer, including: Web Security, Web Filtering, and Secure Mobility. Additionally, all Cisco Cloud Web Security subscriptions include support contracts. Customers are entitled to support for the term of the subscription.
Services
Cisco Branded Services
Cisco Security Planning and Design: Enables deployment of a robust security solution quickly and cost-effectively.
Cisco Web Security Configuration and Installation: Mitigates web security risks by installing, configuring, and testing appliances to implement:
• Acceptable-use-policy controls
• Reputation and malware filtering
• Data security
• Application visibility and control
Cisco Security Optimization: Supports an evolving security system to meet security threats, design, performance tuning, and support for system changes.
Collaborative/Partner Services
Network Device Security Assessment: Helps maintain a hardened network environment by identifying gaps in network infrastructure security.
Smart Care: Provides actionable intelligence gained from highly secure visibility into a network's performance.
Additional services: Cisco partners provide a wide range of valuable services across the planning, design, implementation, and optimization lifecycle.
Cisco Financing
Cisco Capital® can tailor financing solutions to business needs. Access Cisco technology sooner and see the business benefits sooner.
Find out more at http://www.cisco.com/go/websecurity. Evaluate how Cisco products will work for you with a Cisco sales representative, channel partner, or systems engineer.
