Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
174
Views
0
Helpful
0
Comments

Introduction to Cisco Web and Email Security Solutions

Blue_Bird
VIP
VIP

on ‎01-06-2025 05:56 AM

                                                             Introduction to Cisco Web and Email Security Solutions

Introduction

Security Management Appliance (SMA)

Async OS

Web Security Applicance (WSA)

Email Security Appliance (ESA)

Introduction

Cyber actors use email and web as the top two threat vectors to carry out many of their attacks. Why is this? It's because email and web protocols are the most popular protocols used by individuals and organizations.

Gopinath_Pigili_0-1735298174545.png            Gopinath_Pigili_2-1735298261658.png

Cisco acquired a company called IronPort that created what we know now today as Cisco Web Security Appliance (WSA) and the Email Security Appliance (ESA) to address these two problems.

The Cisco WSA and Cisco ESA are solutions designed to provide strong protection, complete control and operational visibility into threats to an organization. The Cisco WSA and Cisco ESA have been integrated with other Cisco solutions such as Advanced Malware Protection (AMP) and they also can digest threat intelligence from Cisco Talos.

Security Management Appliance (SMA): Cisco WSA and Cisco ESA can be managed by the Cisco Content Security Management Appliance or SMA. The Cisco SMA provides a solution for centralizing the management and reporting functions of multiple Cisco ESA and Cisco WSA appliances. When you deploy the Cisco SMA, it provides simplification of administration and planning and it improves compliance monitoring. Another benefit of the Cisco SMA is that it allows administrators to enable consistent policy enforcement and enhances threat protection.

                                           Gopinath_Pigili_3-1735298325190.png

 Async OS: The underlying operating system of the ESA, WSA and Cisco SMA is the Async operating system or Async OS. Async OS powers the WSA, ESA and SMA and it is based on a FreeBSD based kernel. However, Cisco enhanced Async OS to address some of the limitations of traditional Linux and UNIX operating systems.

One of the primary focus was scalability. In order to support thousands of connections per minute, Cisco WSA and ESA and Cisco SMA running Async OS take advantage of a high-performance file system and optimized asynchronous communication of email and web transactions. Async OS does not have a user UNIX shell. The administrators can configure the system using a web admin portal, or web-based GUI or a fully scriptable command-line interface.

Web Security Appliance (WSA): Secure Web Appliance or Web Security Appliance was one of the first secure web gateways to combine leading protections to help organizations address the growing challenges of securing and controlling web traffic. It is available as a Physical appliance or a Virtual appliance.

The Web Security Appliance enables simpler, faster deployment with fewer maintenance requirements, reduced latency, and lower operating costs. “Set and forget” technology frees staff after initial automated policy settings go live, and automatic security updates are pushed to network devices every 3 to 5 minutes. Flexible deployment options and integration with your existing security infrastructure help you meet quickly evolving security requirements. 

Gopinath_Pigili_4-1735298401560.png    Gopinath_Pigili_0-1735298714884.png

Websecurity Appliance Deployment Modes:   The Cisco WSA can be deployed in Explicit proxy mode or as a Transparent proxy using the Web Cache Communication Protocol (WCCP). WCCP is a protocol originally developed by Cisco, but several other vendors have integrated it in their products to allow clustering and transparent proxy deployments on networks using Cisco infrastructure devices (routers, switches, firewalls, and so on).

 
Explicit Proxy Mode:
 
Gopinath_Pigili_5-1735300471971.png
  • An internal user makes an HTTP request to an external website. The client browser is configured to send the request to the Cisco WSA.
  • The Cisco WSA connects to the website on behalf of the internal user.
  • The firewall (Cisco ASA) is configured to only allow outbound web traffic from the Cisco WSA, and it forwards the traffic to the web server.
Transparent Proxy Mode:
 
Gopinath_Pigili_6-1735300585080.png
  • An internal user makes an HTTP request to an external website.
  • The internal router (R1) redirects the web request to the Cisco WSA using WCCP.
  • The Cisco WSA connects to the website on behalf of the internal user.
  • Also in this example, the firewall (Cisco ASA) is configured to only allow outbound web traffic from the WSA. The web traffic is sent to the Internet web server.
Gopinath_Pigili_7-1735301001866.png  Gopinath_Pigili_8-1735301034862.pngEmail Security Appliance (ESA):  The Cisco ESA can be deployed as a physical appliance, virtual appliance or as a cloud service. The Cisco ESA will act as the email gateway to an organization, controlling the transfer of all email connections, accepting messages and relaying messages to the appropriate email servers. As you probably already know, email transactions on the internet use SMTP. The Cisco ESA can handle all SMTP connections for an organization acting as the SMTP gateway.

 

Gopinath_Pigili_1-1735298800648.pngGopinath_Pigili_3-1735299358196.png
Gopinath_Pigili_9-1735301587460.png

Thank you very much...!


           

 

 

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents