
Good, so far!

Ben M Johnson
Level 4

Received our unit a couple days ago.

Playing around with it tonight.

Immediate impressions:

1) Object oriented services and addresses with grouping = much easier to configure ACLs!

2) Tons of features in here - impressive step up from the SA500 series.

3) I'm working through programming our infrastructure in here first, just to make sure I can make it do everything we need - then we will deploy on our repair bench which constantly has virus/spyware laden machines as well as a multitude of different OS/hardware.  This should test out the security services on the unit pretty well (except the email security features).

4) Sure would be nice to have a trade up from the SA500 to these.

5) Advanced NAT (1 to 1 NAT) looks straightforward and easy to use (unlike SA500)

6) Wireless looks strong - Any plans on making this unit Cluster with AP500 series or act as controller?

7) AD authentication option looks good - will set that up for SSL VPN access soon


Ben M Johnson
Level 4

-Add sync time with local PC or set time zone into the initial setup wizard

-Turned on all security services

-AV won't update

-Went to known malware/virus sites, everything still coming through - security services don't seem to be working

? Will there be ways to exclude users and groups (preferably through both IP address and LDAP directory) or include users and groups later on from security features?

Hi Ben,

Firmware releases post 0.4.5 will include A/V functionality and ability to auto-update.

Can you send me the sites you visited?   We would like to verify that the engines are able to detect threats found on those sites.

Regarding your query about user/group policies for security services, on the roadmap we have IP Address control for Web URL filtering and Application policy control - but there is no firm date yet.

What services specifically would you like to have user/group based policies for security?

Best regards,

Julio

Specifically URL filtering and application policy control - both to be able to apply those to AD groups and REPORT on USERS and GROUPS.  But really building the framework to manage and report all the security offerings based on AD/LDAP would be *strong*.

Being able to either secure certain IPs or exclude certain IPs is acceptable in an initial release though.

So I just googled known malware sites, found this site:

http://www.malwaredomainlist.com/mdl.php

and started clicking down the list - had the first 2-3 that were still live try to download zips, EXEs, etc. to my Mac.  I don't recall which ones, but the list changes daily.

And I applied 0.4.5 prior to doing the testing.  The AV I could activate, but the update button wouldn't actually update it.

Hi Ben,

Anti-Virus function is available (with the latest firmware) but signature updates are not yet available.

Cheers,

Julio

So I just got back from SMB Nation and the 2 most predominant types of vendors there were the Cloud vendors and a close second were edge security devices.

Kerio, Calyptix, and 4-5 others.

Strangely, the 3 most commonly used vendors - Sonicwall, Fortinet, Watchguard -  were all absent - I think they are looking more up market.

With the ISA feature set as of right now (if all was complete), and the interface being where it is, you guys are still positioned slightly lower than the 3 most commonly used,

BUT I think the true differentiator and where Cisco could be UTTERLY DISRUPTIVE in this market is for you guys to undercut the living hell out of the "big 3" on their services. 

And since you guys are now using services that you "own" you are able to do that and still make money.  I think this would utterly shake up this market by providing your enterprise class services to SMBs at prices below all of these other guys that are either outsourcing their services or using a blended approach.

Otherwise the ISA is going to be a marked improvement over the SA, but there won't be any reason whatsoever for people (resellers or end users) to rip and replace the incumbent vendors that have more mature interfaces and a wider array of hardware options.

Active Directory integration is a BIG differentiator on the whole internet usage reporting as well - most of the "other guys" don't have that, but the ones that do have a big competitive advantage in that you know WHO is watching that porn video, rather than which IP it's coming from.

Hi Ben,

Regarding your inquiry:

-Went to known malware/virus sites, everything still coming through - security services don't seem to be working...

Our Security Data Services team would like to thank you for bringing this discrepancy to our attention.  In investigating the issue, they identified a sensor misconfiguration in one of our data sensors which was causing a discrepancy in web reputation calibration for some URLs.  This has been fixed and steps have been taken to ensure it does not happen again.

Our aim is to provide you world class defense for your systems and we value you bringing this discrepancy to our attention.

Regards,

Sheri