Description

The Securing the Web with Cisco Web Security Appliance (SWSA) v2.1 is a 2-day instructor-led course that introduces the learners to the installation, configuration, management, and troubleshooting of the Cisco Web Security Appliance (Cisco WSA). The objective of the course is to teach network professionals how to design, configure, administer, monitor, and troubleshoot the Cisco WSA in small to medium-sized business and enterprise installations.
This course reinforces instructions by providing hand-on labs to ensure that learners thoroughly understand how to secure a network.

Objectives

Upon completing this course, the learner will be able to meet these overall objectives:
  • Describe the Cisco WSA
  • Install and verify the Cisco WSA
  • Deploy proxy services for the Cisco WSA
  • Utilise authentication with the Cisco WSA
  • Configure various policies for the Cisco WSA
  • Enforce acceptable use using the Cisco WSA
  • Defend against malware
  • Configure data security
  • Describe Cisco Cloud Web Security
  • Use Cisco AnyConnect Secure Mobility Client
  • Perform administration and troubleshooting of Cisco WSA

Outline

The course contains these components:
  • Reviewing the System
    • Customer Use Cases
    • Cisco Web Security Appliance Models and Architecture
    • Lab: Access the Cisco Remote Lab
  • Installing and Verifying the Cisco Web Security Appliance
    • Review the Cisco Security Management Appliance
    • Install and Verify Cisco Web Security Appliance Hardware
    • Install and Verify the Cisco Web Security Virtual Appliance for VMware
    • Run the System Setup Wizard
    • Configure L4TM
    • Lab: Installing and Verifying the Cisco Web Security Appliance
  • Configuring Virtual Web Security Appliance Connector to Cisco Cloud Web Security
    • Review Cisco Cloud Web Security
    • Connect to Cisco Cloud Web Security Using the Cloud Web Security Connector
  • Deploying Proxy Services
    • Contrast Proxy Modes
    • Review PAC Files
    • Configure and Manage Proxy Services
    • Deploy Native FTP Proxy
    • Read Proxy Access Log and HTTP Headers
    • Lab: Deploying Proxy Services
  • Utilizing Authentication
    • Configure NTLM and Proxy Authentication
    • Identify Authentication Settings and Realms
    • Describe LDAP Authentication and Authorization
    • Troubleshoot Joining Domains and Test Authentication
    • Lab: Utilizing Authentication
  • Configuring Policies
    • Configure Access Policies and Identities
    • Configure Authentication Exemptions
    • Review Access Log Tags
    • Lab: Configuring Cisco WSA Policies
  • Enforcing Acceptable Use
    • Enable URL Categories and Filters
    • Configure Application Visibility and Control
    • Describe SaaS Access Control
    • Use HTTPS Inspection
    • Configure HTTPS Proxy Settings
    • Lab: Enforcing Acceptable Use
  • Enforcing Acceptable Use: Advanced Topics
    • Configure Application Visibility and Control: Advanced Topics
    • Describe SaaS Access Control: Advanced Topics
    • Configure Web Usage Controls and URL Categories
    • View Logging and Reporting
    • Lab: Enforcing Acceptable Use—Advanced Topics
  • Defending Against Malware
    • Describe and Configure WBRS
    • Describe and Configure Antimalware Scanning
    • Describe and Configure Advanced Malware Protection
    • Interpret ACL Tags Relevant to Antimalware
    • Lab: Defending Against Malware
  • Configuring Data Security
    • Configure Data Security
    • Configure DLP
    • Describe Access and Data Security Logs
    • Lab: Configuring Data Security
  • Describing Cisco Cloud Web Security
    • Describe Cisco Cloud Web Security Features and Benefits
    • Explain Cisco Cloud Attach Model
    • Lab: Describing Cisco Cloud Web Security
  • Using Cisco AnyConnect Secure Mobility Client
    • Describe Cisco AnyConnect Web Security
    • Integrate the Cisco AnyConnect Secure Mobility Client
  • Performing Administration and Troubleshooting
    • Describe Report Administration
    • Monitor the Cisco Web Security Appliance
    • Configure W3C Logging
    • Perform Other Administrative Tasks
    • Describe Hardware Redundancy
    • Troubleshoot the Cisco Web Security Appliance
    • Lab: Performing Administration and Troubleshooting

Prerequisite Knowledge

The knowledge and skills that a learner should possess before attending this course are as follows:
  • TCP/IP services, including DNS, SSH, FTP, SNMP, HTTP, and HTTPS
  • IP routing