Hello experts, I had been using normal ACLs for blocking web-browsing (https/http) access for my company users. but recently, we started using DHCP providing auto ip-addrs for users. this means i am no more able to block/allow spicific users web-...
When a do this:https://tools.cisco.com/SWIFT/LicensingUI/Quickstart#. -> Get Other License-> Demo and Evaluation->Security Products-> Cisco Virtual Appliance Demo License->Cisco Web Security Appliance (WSA) Virtual Appliance 45 Days Demo LicenseI see...
We currently have multiple log files created for a variety of different uses, my question is there a way to basically stream a log file real time into a reporting infrastructure? I only seem to find a reference to rolling the log file and the smalles...
folksi have a query on https proxy logsi'm piloting a https proxy configruation and i have a question on the logs generatedi'm decrypting and then encrypting traffic but i'm curious about what the appliance does with the logs showing the unencrypted ...
Hi there, propably a very simple question, yet I don't have a WSA for my labs so here here is the situation:I'd like to block some users from downloading attachements on the webmail portals (like yahoo and gmail), yet allowing them to send normal tex...
Can't really find my answer and have some mixed comments and articles out there. From what I can tell there is not Active/Standby configuration for the WSA's. I did hear that there is a clustering configuration for the WSA's that would allow my licen...
Hello, With the WSA in transparrent redirection mode and using WCCP, would there be any 'normally' expected result that would deny traffic directly to an IP address out to the internet? I was asked to look into this as our cyber team seemed to ...
I am using device level IPS and malware protection on my V9.2.1.2 ASA-CX box at the device level. I have run into a few sites that have low reputation and trigger a block but that I need to access. Since device level protection applies to all acces...
We have been using Websense for years and are happy-ish. Tech support is slow and lacking, but thankfully I havent had to use it a lot. We tried out their SSL filtering and it was a insane nightmare and scrapped it. So we are looking for new vendo...
Greetings!Our current WSA setup uses Persistent Cookies with Transparent Redirection and Credential Encryption disabled. This setup works really well for Web Proxy of HTTP traffic. Recently, we've been working on HTTPS Proxy functions and noticed tha...
Hi Forum, I run a setup with central M660 for policy management of 10 WSA.But when it comes to configuration management, like each box own running config, and PAC files, AD integration etcWhat is the best way to dp this, and are there any central too...
Hi,
I have a WSA and I am trying to test connectivity with a macbook pro.
What I would like is for it to be completely transparent for the user where the AD credentials are passed to the Ironport without having to be entered in the browser. Howev...
Hi,Need advise on how to block http/https traffic from certain IPs. Created an AD group and added the machines to the group and then added a Access Policy to block 3 Protocols but it didn't work. Any suggestions?
When a user goes to download an app the app just sits at waiting/installing. Eventually it times out. When I grep the access logs it shows the ipad bouncing from one apple server to another. If I give the ipad a static ip address that goes around ...
I run a setup with SSL unwrapping - aka HTTPS proxyI am starting to see sites giving warnings, like those:setup is WSA S360 version 7.7.0-761 latest and PAC file for settings to clientsThis PAC file is GPO'ed to windows clients. Cert from Internal PK...
