Discovery 1: Configure the Cisco Web Security ApplianceIn this lab exercise, you will access Cisco remote labs to configure and test Cisco Web Security Appliance (WSA). The lab exercise is divided into multiple tasks, which must be completed before proceeding to any other lab exercises. |
Discovery 2: Deploy Proxy ServicesIn this activity, you will deploy and further configure proxy services and test acceptable use. |
Discovery 3: Configure Proxy AuthenticationCisco WSA proxy authentication allows you to track the employee use of Internet while also enforcing different policies for different groups of users. If the customer already has an existing authentication infrastructure in place, Cisco WSA proxy authentication can integrate with the existing infrastructure. Cisco WSA proxy authentication can also track users and apply different policies to different groups while already having their own authentication infrastructure. In this activity, you will configure and test user authentication. |
Discovery 4: Configure HTTPS InspectionWebsites are increasing the use of TLS/SSL encryption when transmitting sensitive data across the Internet. Cisco WSA can use TLS/SSL certificates and corresponding public keys with HTTPS decryption. The HTTPS proxy feature allows Cisco WSA to capture and apply the proper policy controls to proxy traffic that is traversing Cisco WSA. In this lab exercise, you will configure HTTPS proxy. |
Discovery 5: Create and Enforce a Time/Date-Based Acceptable Use PolicyThe goal of this lab exercise is to understand how to properly construct an acceptable use policy on the WSA. You will accomplish five things: Block categories that represent illegal or offensive material. Set the category filter avoidance and peer file transfer to warn. Block social networking during peak business hours (otherwise monitor). Block IP-based URLs |
Discovery 6: Configure Advanced Malware ProtectionIntegrating advanced malware protection (AMP) with Cisco web security solutions gives you advanced threat capabilities, along with traditional web security features, to protect against the most advanced attacks. AMP adds malware detection, blocking, continuous analysis, and retrospective alerting to your Cisco WSA license. In this lab exercise, you will work with web tracking and advanced malware protection features. You will also configure archive inspection to block specific file types. |
Discovery 7: Configure Referrer Header ExceptionsAn HTTP referrer contains an HTTP header field identifying the web page address that requested the current web page. The referrer field identifies the source of the original request and can be used to define parameters in WSA access policies. |
Discovery 8: Utilize Third-Party Security Feeds and MS Office 365 External FeedThird-party security feeds provide the Cisco WSA with the capability to communicate with an external (third-party) security threat-centric information server. This information can be used to assist security administrators create relevant and effective URL category definitions containing specific host names and IP addresses. Third-party feeds can be periodically updated on the Cisco WSA because the information contained within the threat feeds is dynamic in nature. |
Discovery 9: Validate an Intermediate CertificateAn intermediate TLS/SSL certificate is a supplemental certificate that is issued by a trusted root certificate authority. To reduce the risk of a Certificate Authority's (CA’s) root certificate from being compromised, intermediate certificates are used when issuing TLS/SSL certificates to web servers as an added security measure. An intermediate certificate completes the chain of trust between the web server’s own TLS/SSL certificate and the root CA’s certificate. |
Discovery 10: Review Reporting Services and Web TrackingThe Cisco WSA generates high-level reports, allowing you to understand what is happening on the network and view traffic details for a particular domain, user, or category. You can run reports to view an interactive display of system activity over a specific period, or you can schedule reports and run them at regular intervals. In this lab activity, you will use reports to review URL categories, application visibility, and web tracking. |
Discovery 11: Perform Centralized AsyncOS Software Upgrade Using Cisco SMAThe Cisco Content Security Management Appliance (SMA) centralizes management and reporting functions across multiple Cisco email and web security appliances. Cisco SMA simplifies administration and planning, improves compliance monitoring, helps enable consistent enforcement of policy, and enhances threat protection. Starting with the AsyncOS 10.01 release, administrators can initiate software upgrades simultaneously to multiple Cisco WSA devices. |