Cloud Security

Block facebook on Cisco Cloud Web Security

Dear all, how can i block facebook with all subdomains at Cisco Cloud Web Security? I blocked in the filter the category "Professional Networking" an "Social Networking". But facebook is always accessable. I think the reasen is https://. Who can me ...

Transparent NTLM Authentication Cisco CWS and ISR not functioning

Hello All, I am setting up a Transparent proxy using Cisco CWS and an ISR. (Cisco 3925 with version 15.4-3.M3) I have it mostly functional however the issue that I'm having now is that the transparent NTLM functionality doesn't appear to be working. ...

Scansafe tower not stable after emergency maintenance

Hi I have got an email from CWS Advisory said that Tokyo DC will have a emergency maintenance on 12th Feb 2016. and when I back to office next Monday, found that it is not able to display the webpage sometimes, but not always, before it was working g...

WSA and CWS solution

We have a customer needing a WSA solution for their 5 offices and a CWS solution for the users traveling or working from home. I would like to know if this two solution can work together and also which is the best way to deploy the remote users? Can ...

Resolved! WSA - Reporting - Report URL categories accessed by Identity profile or by subnet

Is it possible to create a report on WSA based on an ID profile or based on a subnet, like the one you can create for users with network/mask, that gives you the information about the URL categories accessed by the ID profile/subnet? thank you,

CSCul84561 - Ability to bypass Tower for HTTPS sites for Transparent Traffic

We use the WSAv in connector mode and transparent (wccp) to get traffic to the towers for hundreds of customers. We have to have two processes to exclude traffic from towers:1. HTTP - use the Wsa web UI policy (preferred)2. HTTPS - cli ASA firewall a...

WSA Connectivity Test

Is it possible to configure the WSA to stop accepting connections on the P1 interface if the P2 interface can't reach the Internet? For example: Switch failure, ISP down, etc.

FTP proxy not working half of the time

I configured FTP proxy and I configured a Identification Profile for native FTP. When I test it I have to refresh the ftp website 3 to 4 times before it opens. I'm using wccp redirection to divert traffic to the WSA. If I remove the traffic from the ...

Resolved! Getting trial license for virtual WSA S1000V

Hello, I'm trying to evaluate the virtual WSA and the guy from Cisco Licensing operations needs SKU and Virtual serial number. I have deployed the .vmdk file downloaded from cisco.com on my ESXi server but the entire GUI is disabled because the licen...

ScanSafe picking up the wrong username

Seasons Greetings!! We use CWS and in order for the proper policy to be applied in the field authUserName: MyDomain\XXXXXX there need to be a user account and not a system account. I have users on that occasionally get a system account which then ...

Cloud Web Security (formerly Scansafe) ldap resultCode: 49 Invalid Credentials. Default usergroup applied after user's sAMAccount authentication fails after BINDING

I have a serious problem with LDAP, for the purpose of Scansafe, on a 3945 ISR with IOS 15 (C3900-UNIVERSALK9-M). LDAP binding to the LDAP Server (Active Directory on Win Srv 2008 R2) when authenticating any domain user, except for the default Sca...

Resolved! ScanSafe not picking up username

Hello, We have been using Scansafe/CWS using a config file that is deployed using group policy. For a long time this was working well, however over the past several months people stopped being prompted for credentials (it is set to timeout after 2 ...

CWS S300V - can not add groups to Cloud Policy

I am using CWS S300V Virtual appliance.- The machine is working, tested etc. However, we are at the final stage to add groups under the following heading: ' Edit Cloud Policy Directory Groups' We see all the directories from the Active directory, w...

Machine name instead of user name on WSA proxy.

Hi Everyone, We have WSA(S680) 8.5.2-103 and its deployed in both explicit and transparent mode.We are using default setting for authentication as below .The issue we are facing is that sometimes user gets blocked because it goes with machine name...

Cisco IOS ISR G2 IP Admission for CWS: Shared Machine, Same IP

Hello. I have a situation about IP admission using transparent NTLM.I have a shared machine where a users logs on and after a random time, another user takes place logging on with it username/password.But ISR have already authenticated this machine b...

Cloud Security

Forum Posts

Block facebook on Cisco Cloud Web Security

Transparent NTLM Authentication Cisco CWS and ISR not functioning

Scansafe tower not stable after emergency maintenance

WSA and CWS solution

Resolved! WSA - Reporting - Report URL categories accessed by Identity profile or by subnet

CSCul84561 - Ability to bypass Tower for HTTPS sites for Transparent Traffic

WSA Connectivity Test

FTP proxy not working half of the time

Resolved! Getting trial license for virtual WSA S1000V

ScanSafe picking up the wrong username

Cloud Web Security (formerly Scansafe) ldap resultCode: 49 Invalid Credentials. Default usergroup applied after user's sAMAccount authentication fails after BINDING

Resolved! ScanSafe not picking up username

CWS S300V - can not add groups to Cloud Policy

Machine name instead of user name on WSA proxy.

Cisco IOS ISR G2 IP Admission for CWS: Shared Machine, Same IP

Get all tunnel groups API SSE call not returning datacenter IP

VPN SAML Connection Fails when Cisco Umbrella Is Enabled

FPR 1010 Migration to cdfmc

Umbrella - List of application settings

Scheduled release date for Cisco Secure Access Multi-Org Console

Filters for List Regions for Network Tunnel Groups

Secure Access region-to-region (POP) connections

How to determine the region to which Secure Access connects

XDR Device value bulk change

XDR Email notification on new Incident