Web Security

Resolved! Ironport WSA Log Fields

Good Afternoon,Based on the Ironport WSA documentation for fields cs-bytes & sc-bytes, which is upload/download? I'm finding conflicting information.%qcs-bytesRequest size (headers + body).%ssc-bytesResponse size (header + body).Cheers,James

Resolved! Dual Active Active WSA Load balanced by F5 LTM.

Hi Everyone, We want to setup two WSA Web security Appliances, behind an F5 LTM load balancer. (See the attachment) The F5 load balancer will not handle the SSL certificate as it is listening on port 8080. This traffic will then be sent to the WSA...

WSA removes CRL information in certificate.

Our WSA-proxy performs TLS-decryption for End-User Notification. If a user tries to visit a webpage in a forbidden URL category (not permitted by policy) then a block message is shown. If the user uses Firefox or Google Chrome then everything works a...

Resolved! How to bypass umbrella for single URL,

Hi All I am trying to figure out how to bypass umbrella for a single URL, (needs to go via DC). Our customer has migrated over to umbrella and we need to source the end user's traffic from our External FW. Currently, we have Anyconnect with the um...

Resolved! Change Web Interface Certificate on WSA

Let me preface this question by saying that I'm not asking how to install an SSL for HTTPS Proxy for Transparent Redirection. I've already done that and it's working. What I would like to know is how to change the SSL certificate the appliance is usi...

Resolved! Bandwidth Cisco WSA

Hello,I want to ask about bandwidth in menu Reporting > System Statusis it the bandwidth represent the amount of total bandwidth used from all client through the proxy to internet?what is different from menu Reporting > System Capacity > Bandwidth Ou...

Talos Intel vs Firepower URL Categories?

Looking through the Talos Intelligence Categories here: https://www.talosintelligence.com/categoriesversus the URL categories available in Firepower....they don't match up....(106 on Talos site, and 126 in firepower)Granted that 'any', 'uncategorized...

CA server Auth Problem

hi , i have problem with connecting one device to CA server i create trustpoint crypto pki trustpoint CA enrollment terminal serial-number subject-name CN=x , OU=x revocation-check none rsakeypair my.ca.keybut when i paste CSR that i create with...

Cisco ISE - err cert authority invalid

Hello ! I have installed and configured Cisco ISE 3.1. Guest user connects to ssid and gets it's credentials for access to internet. Everything is ok here. But when user attempts to type any site in the browser it says "err cert authority invalid". I...

Resolved! Separate default route for P1 and P2

Hi there. Is it possible to configure P1 and P2 on a Cisco WSA so that they each have their own default route?

Which programming language must one learn for web security, Python or

Which programming language must one learn for web security, Python or JavaScript? mouse test online

Websites IP

Dears,when running a web tracking on the WSA, I can see some urls listed as IP,how can i fix the problem?Please note that i am using 8.8.8.8 as dns

TCP + SSL Session

Hi,I have a firewall with URL filtering enabled. SSL is also enable for this filtering. When client try to communicate with google.com (example), first it get IP of google from DNS and then start TCP 3 way handshake process. All communication go thro...

Resolved! AnyConnect (Umbrella Roaming Security) Disconnects Internet

Hi there, In our organization we´re using AnyConnect Client for Umbrella SIG (SWG and DNS) (not VPN). We have it deployed to all the computers in the company, we all use the same rules. On some computers when the AnyConnect client is installed, it au...

cisco wsa block telegram, not captured in traffic log

I encounter with the Telegram app via phone unable to connect and keep updating. I manage to resolve this issue by bypass it through Cisco WSA but inside Firewall log we unable to see any blocking or packet drop.

Web Security

Forum Posts

Resolved! Ironport WSA Log Fields

Resolved! Dual Active Active WSA Load balanced by F5 LTM.

WSA removes CRL information in certificate.

Resolved! How to bypass umbrella for single URL,

Resolved! Change Web Interface Certificate on WSA

Resolved! Bandwidth Cisco WSA

Talos Intel vs Firepower URL Categories?

CA server Auth Problem

Cisco ISE - err cert authority invalid

Resolved! Separate default route for P1 and P2

Which programming language must one learn for web security, Python or

Websites IP

TCP + SSL Session

Resolved! AnyConnect (Umbrella Roaming Security) Disconnects Internet

cisco wsa block telegram, not captured in traffic log

Suggestion to Include More CTF Challenges in the Ethical Hacking Cours

Update Web Certificate in UCSM 4.2(3i)

Use Umbrella API to Manage Selective Decryption Lists

Cisco Umbrella - upload file names

Cisco Talos Content Categorization

Are there not three different man in the middle attacks here?

Session resumption setting in WSA

WSA S695 / S195 Web Security Appliance: NWS: failoverHealthy/Unhealthy

WSA SOCK proxy enable

Scheduled User-Specific (with username) Reporting in SMA with WSA