Web Security

The problem with the performance of CISCO WSA S170.

Good afternoon.The problem with the performance of CISCO WSA S170.The performance of the proxy server is greatly reduced, and periodically it is generally not available.The solution is described below.There is described a known problem, but regarding...

Does Cisco WSA Configuration file contains confendential information?

I just wanted to know whether Cisco IronPort WSA Configuration file containes confendential information? like passwords etc...?

Access Policy: (null)

Hi Support Community, I have an issue with my client WSA. One of their users cannot access Facebook. So they run policy match from their WSA GUI to detect which policy this user hit that makes him unable to access Facebook. The result is shown below...

WSA blocked HTTPS TUNNEL to googlevideo

Hello, the access to URL https://*.googlevideo.com doesn´t work through my WSA. In logs i have seen the next error: tunnel://redirector.googlevideo.com:443 Block - URL Cat I have a custom URL category with googlevideo.com and this URL category is ...

Cisco Web Security High Availability

Hi,Understand that the Cisco WSA HA utilizing VRRP without using external load-balancer but it only supports explicit deployment only. The thing I understand from the HA is it only support active-passive but not active-active. I need to know how true...

Resolved! Access logs

I am receiving this error message. I have not been able to figure out how to delete the old access logs to free up some space. Log Error: Subscription accesslogs: Log partition is full. Product: Cisco S170 Web Security Appliance Model: S170 Versi...

CDA keeps locking out CDAService AD user account

Ok a few changes in our environment in the past few weeks. 1) Our CDA virtual appliance took a dump. We redeployed it. 2) Introduced a new Server 2012 R2 DC in the environment. Despite these two things, we keep seeing our AD User account CDAService...

WSA deployment strategy when deploying multiple devices in transparent mode

Hi all, I have a pair of S390. We want to deploy them in transparent mode. Our target is to redirect the web traffic using WCCP. I found this article and read the answer already. https://supportforums.cisco.com/discussion/11753771/wsa-redundancy-an...

WSA Wildcard Certificate

Hi Folks, WSA support wildcard certificate? If it supports, what are the steps to perform to install the certificates?

WSA to CDA Communication

Hello, Can someone tell me what the mechanism is for the WSA to update new information from the CDA? For example, if there was no IP-user mapping and we re-auth'd the user and verified a mapping was created, when would the WSA get this info. Also, i...

Cisco Ironport S360 stopped capturing traffic

Good afternoon - I have an Ironport S360 (EOL in ~30 days....) that has stopped capturing traffic. From what I can tell, both P1 and P2 are operational (int the Up/Up status on our core switch). There are also 2 L4 interfaces connected to our switch ...

WSA web filtering WBRS

I'm seeing more and more phishing emails with links that incorporate a google redirect to allow the web connection to pass because Google has a good WBRS. The URL being redirected to has a poor web reputation score, so the phisher is bypassing the WS...

Cisco SMA report

Hi, I'm currently using Cisco SMA (AsyncOS Version:10.0.0-055) for managing 3 WSA which is using in 3 Different Office. I wanted generate the report from SMA for one specific WSA (basically want to see the report based on office location). Please a...

Is there a way to view a log entry for an uncessful connection

Hello, I am attempting to figure out what workstation a website request originated from that the firewall is reporting that came from the WSA proxy. When I search the proxy for the specific URL I get nothing. I have noticed a behavior that if the pro...

Resolved! Cisco DVS Anti-Malware Settings - Difference between monitor and block

Hi everybody, in the Anti-Malware Settings I have the choice between monitor and block traffic. Can somebody tell me what happens when I set the option to monitor? Is the traffic logged only? Or will the DVS inspect the packet and drop only if it's ...

Web Security

Forum Posts

The problem with the performance of CISCO WSA S170.

Does Cisco WSA Configuration file contains confendential information?

Access Policy: (null)

WSA blocked HTTPS TUNNEL to googlevideo

Cisco Web Security High Availability

Resolved! Access logs

CDA keeps locking out CDAService AD user account

WSA deployment strategy when deploying multiple devices in transparent mode

WSA Wildcard Certificate

WSA to CDA Communication

Cisco Ironport S360 stopped capturing traffic

WSA web filtering WBRS

Cisco SMA report

Is there a way to view a log entry for an uncessful connection

Resolved! Cisco DVS Anti-Malware Settings - Difference between monitor and block

Cisco WSA Proxy commands For Integrity Monitoring and its important

Cisco SWA Notification: MALWARE_SPECIFIC

Suggestion to Include More CTF Challenges in the Ethical Hacking Cours

Cisco Umbrella - upload file names

Cisco Talos Content Categorization

How to install a godaddy .crt file on ASAv10

CISCO IRONPORT S100V VULNERABILITIES REMEDIATION

FMC Current Interface Status and Interface traffic Widgets

Are there not three different man in the middle attacks here?

Session resumption setting in WSA