cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1847
Views
25
Helpful
3
Replies

Ask the Expert: Integrating Cisco Cloud Web Security with Adaptive Security Appliance

ciscomoderator
Community Manager
Community Manager

Welcome to the Cisco Support Community Ask the Expert conversation.  This is an opportunity to learn and ask questions about integrating Cisco Cloud Web Security with Adaptive Security Appliance with Cisco subject matter experts Maite Cadenas and Jennifer Halim.

This is a continuation of the live webcast.

During the live webcast delivered by Maite Cadenas, she explained how to integrate Cisco Cloud Web Security (CWS) with Cisco Adaptive Security Appliance (ASA).  Maite also took the audience through how Cisco ASA works with Cisco CWS and the necessary steps required and things to take into considerations in order to deploy Cisco CWS with Cisco ASA.

 

Agenda

  • Introduction to Cloud Web Security (CWS)
  • Preparation for CWS ASA deployment
  • Deploying CWS on ASA
  • Verifications commands
  • Best Practices
  • Demo

 

Maite Cadenas is a service delivery manager (SDM) for the Cisco Cloud Web Security solution for the EMEAR region. Her work involves helping customers to implement the Cisco CWS solution in their environments, making sure that they have the support needed during the implementation and as a first technical point of contact. Prior this role, she was part of the Brussels Security Team in the Cisco Training Assistance Center (TAC) that helps customers troubleshoot Cisco security technologies. She holds a master's degree in telecommunications engineering and a bachelor's degree in networking technologies from Universitat Enginyeria i Arquitechtura la Salle. She also holds CCIE certification in security (#26075) as well as ITILv3 Foundations. 

Jennifer Halim is also a service deployment manager for the Cisco ScanSafe (Cisco Cloud Web Security) solution for the Asia Pacific and US regions and the team lead. Her work involves implementing the solution within the customer's environment, managing the project and an escalation point of contact for technical account manager team. Prior to her current role, she was part of the Australia Security team in the Technical Assistance Center that helps customers configure and troubleshoot Cisco security technologies. She also served as a mentor to other Technical Assistance Center engineers. Jennifer is also a top contributor in the Cisco Support Community. She has worked in the networking security field for more than 11 years and holds CCIE certification in Security (#16480) as well as CCDP, CISSP and ITILv3 certifications.

 

Webcast Related Links

View the Video

Download the Slides

Read the FAQ

3 Replies 3

ciscomoderator
Community Manager
Community Manager

Hello Maite and Jennifer,

Here are some questions from the Q & A session of the webcast.  

1.  Are enhancements going on for IPv6 support in ASA cluster? Any information or dates on that?

2.  Can CWS handle http and https traffic on non-standard ports?

3.  We’re a school using Chromebooks.  Can you filter Chromebook users with CWS and have user mapping or will it be by IP only? 

Thank you,

Ciscomoderator

1. Are enhancements going on for IPv6 support in ASA cluster? Any information or dates on that?

Ans: IPv6 on ASA with CWS is on the roadmap (no dates available yet), however there is currently no enhancement request on ASA cluster support with CWS.

 

2. Can CWS handle http and https traffic on non-standard ports?

Ans: Yes, CWS can handle non-standard HTTP and HTTPS ports, however not all ports are supported, please raise a TAC case if you are after any specific non-standard port.

3. We’re a school using Chromebooks.  Can you filter Chromebook users with CWS and have user mapping or will it be by IP only? 

Ans: CDA currently only supports integration with Active Directory and ISE/ACS as per the following release notes:

http://www.cisco.com/c/en/us/td/docs/security/ibf/cda_10/release_notes/cda10_rn.html

 

If Chromebooks users are not authenticating against AD or ISE/ACS, then it won't be able to provide the user to IP mapping.