Note that this page is a supplement to the Cisco Privacy Statement available at http://www.cisco.com/web/siteassets/legal/privacy_full.html. In order to understand the data collection and use practices relevant for a particular product or solution, you should read both the Cisco Privacy Statement and any applicable supplement or service description.

The following describes our data collection and use practices with respect to the Cisco Integrated Security Appliance ("ISA").

Collection and Use of Information

Telemetry. The ISA Security Services ("Security Services" or "SS") collect certain network, email, and web threat data, such as information on spam, phishing or malware that threatens your network, devices or applications ("Telemetry"). Telemetry may include limited personally identifiable information associated with email and web threat data. We use Telemetry to improve the security of ISA and other Cisco security products and services and your user experience, and to reduce the risk of network, email, and web threats.

Enabling and Disabling Telemetry. You may enable or disable SS on the Security Services Dashboard page, by checking or unchecking the box in the Enable column. All Security Services are disabled by default, except for Network Reputation, which is enabled by default. If you consent to Cisco's collection and use of Telemetry by enabling SS, you may later withdraw your consent to further collection of Telemetry by disabling SS. Configuration and installation instructions for SS are available in your ISA Administration Guide and in the ISA user interface.

If enabled, Telemetry is obtained in the following ways:

• Upon a SS query to Cisco
• If you enable the "Web Reputation Filtering" or "Web URL Filtering" SS features the ISA submits the URL request to Cisco for reputation or categorization information on the URL. Cisco keeps a record of these URL requests for purposes of improving the efficacy of our security products and services.
• If you enable the "Spam Filter" SS feature, the ISA requests Cisco for reputation information for the connecting IP address when an incoming SMTP connection is detected. Cisco keeps a record of these IP requests for purposes of improving the efficacy of our security products and services.
• The Network Reputation feature requests Cisco for reputation information for a connecting IP address in order to block incoming traffic from a blocklist of IP addresses that are known to initiate attacks throughout the Internet. Cisco keeps a record of the number of these Network Reputation requests and our response time statistics, for purposes of improving the efficacy of our security products and services. The Network Reputation Feature does not collect any personally identifiable information.
• The ISA periodically sends Cisco Telemetry about its performance and operation. For example, performance information can include the time to fulfill a request from your ISA to Cisco. This performance and operation Telemetry does not include any personally identifiable information.

Sharing Your Information

We may share aggregated and anonymous Telemetry information with service providers, contractors or other third parties to improve the security of ISA and other Cisco security products and services and your user experience, and to reduce the risk of network, email, and web threats. Any shared information will be consistent with Cisco's overall Privacy Statement and will not identify you personally in any way.

Future Features

We may add to or upgrade ISA to provide you with new features on an ongoing basis. We may update this Supplement from time to time to reflect any changes in our collection or use of information from these new features.