Web Security

S100V Blocks Office Clip Art

Hi, We have S100V Web Security Virtual Appliance. Users trying to use office clip art to download images to their documents. In office 2010 the users can't even see the preview of the image. In office 2013 the users can see the preview but can't down...

Resolved! WSA Issue with VPN Traffic and MS-OUTLOOK

Hi All, I am facing a issue where 1. My users are able to access their mail from the web page, but ms-outlook is not able to sync the mail. 2. Our internal user connects to external site through VPN, the user is able to establish the VPN connection...

Resolved! WSA explicit proxy cookie redirection

Hi, Currently working on a WSA project setup in explicit mode. The customer wants to use cookie surrogate credentials instead of the default IP surrogate credentials because of improved security. I have 2 questions regarding the surrogate cookies: ...

WSA and CDA

WSA gurus, I'm working on a couple of WSA projects and just wanted to confirm that the CDA (linux VM image) is the best way to obtain user contextual information with the WSA appliance. Thanks in advance, Bob

HTTPS redirection does not work for WCCP and WSA

Dear all I would like to test a WCCP and WSA feautre. You can see my topology below. Transparent redirection for HTTP(80) works as charm, but I have problem which HTTPS(443) Explicite services works normaly. When I check show ip wccp 90 detail I see...

NOT Command in Idenitity Policy

I am coming from Bluecoat and we have several rules that are 'Not' something. Example Rule 1: Src:10.0.0.0 255.254.0.0 dst: bing.com action 'ALLOW' Rule 2: Not Src:10.0.0.0 255.254.0.0 or 172.16.0.0 255.255.255.0 DST: google.com, yahoo.com action ...

Custom HTTPS port

How can we allow custom HTTPS port like 5443 through WSA ? I am using WCCP transparent re-direction method. Thanks

Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.

Hi all,We are using WSA 670 and we are intercepting http and https.We have some vip users those are intercepted but all categories in monitor mode and no https decryption for them.some vip users user chrome and they complaint that they get the folowi...

Resolved! S170 Web Security Appliance - downloads are slow

Hi, we are currently implementing a Cisco S170 Web Security Appliance. Currently there are only a few test-users connected to this applicance but we have massive performance issues. Websurfing seems to be fast but downloads are very slow. When downlo...

Resolved! WSA S170 P2

Hi all I have s170 work fine with wccp to ASA by M1 and P1 what is the advantage of using p2 ? and how i can use it and can any one give me any config example or cvd of using p2 I didn't fine it at all is P1 and P2 used to high viability ? Is P2 ...

WSA Use of device FQDN in Identity or Access Policy

I have users that I need to block/allow from/to certain websites. Since their devices are DHCP and thier address could change, can I use the FQDN device name in Identity or Access policies? I am not see this in the user guide as a option. Thank you...

S170 not blocking all windows executables?

Hi all, We have a couple of S170s on AsyncOS 7.7.0 and have found that some windows executables can be downloaded even when the "windows executable" object is blocked by an Access Policy. An example of this is https://download.articulate.com/storyl...

WSA is not working as a transparent proxy after configuring wccp in ASA's inside interface

Hi All , We have configured WSA and placed the appliance in inside of the internet firewall .We have tested the connectivity and checked traffic flow configuring WSA as explicit proxy in client machine which was working fine and tested successfull...

vWSA demo license

Hi, I am not able to apply for a 45 day demo vWSA license. On selecting vWSA 45 day license under security products it pops up "Access page to this page is restricted". Any idea why it is happening? Attached snap for your perusal. Appreciate your hel...

Has it some good configuration on defending Locky Ransomware in WSA?

Hi All, “Locky” ransomware is very horrible, What can we do to defend Locky Ransomware in WSA? Or is it any good suggstions in WSA's configuration? Thanks!

Web Security

Forum Posts

S100V Blocks Office Clip Art

Resolved! WSA Issue with VPN Traffic and MS-OUTLOOK

Resolved! WSA explicit proxy cookie redirection

WSA and CDA

HTTPS redirection does not work for WCCP and WSA

NOT Command in Idenitity Policy

Custom HTTPS port

Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.

Resolved! S170 Web Security Appliance - downloads are slow

Resolved! WSA S170 P2

WSA Use of device FQDN in Identity or Access Policy

S170 not blocking all windows executables?

WSA is not working as a transparent proxy after configuring wccp in ASA's inside interface

vWSA demo license

Has it some good configuration on defending Locky Ransomware in WSA?

Suggestion to Include More CTF Challenges in the Ethical Hacking Cours

Cisco Umbrella - upload file names

Cisco Talos Content Categorization

Cisco Secure Firewall not registering with Umbrella connector

Microsoft Intune und Updates not Working with Umbrella Roaming Module

How to install a godaddy .crt file on ASAv10

CISCO IRONPORT S100V VULNERABILITIES REMEDIATION

FMC Current Interface Status and Interface traffic Widgets

Are there not three different man in the middle attacks here?

Session resumption setting in WSA