cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1243
Views
0
Helpful
2
Replies

Cisco S170 WSA - How to determine the amount of decrypted HTTPS traffic

DamianRC
Level 1
Level 1

Hello,

 

Is there a way to find out how much traffic the appliance has decrypted? The information is needed for forecasting and sizing purposes.

The dashboard shows the total current connections, but unless I'm mistaken, this would constitute all kinds of connections(HTTP, HTTPS, etc) correct?

 

While on the subject, how would a web filtering appliance be sized for an environment?

1 Accepted Solution

Accepted Solutions

Handy Putra
Cisco Employee
Cisco Employee

Hi,

 

In AsyncOS version 10.5.2, from WSA CLI using command 'status detail' has section call 'SSLJobs' this will list out numbers of SSL traffic being processed by the appliance. However this will include all decrypt, passthrough, etc.

 

The dashboard that shows total current connections, this will shows all traffic - HTTP/HTTPS, etc.

 

From CLI, we do have 'rate' command that will show real time traffic being handled (10 sec interval), however again this is all traffic based on request per seconds.

 

In regards to sizing the WSA, would recommend to contact your Cisco Account Team or Sales Engineer since they do have a tool for sizing guide that you can discuss with them.

The sizing will be based in few factors such as:

1. What sort of functionalities enabled in the WSA

2. Type of traffic (such as streaming traffic, etc)

3. What sort off scanning engines used.

4. Number of requests per seconds

5. AsyncOS versions

6. WSA Model.

 

Best Regards

Handy Putra

View solution in original post

2 Replies 2

Handy Putra
Cisco Employee
Cisco Employee

Hi,

 

In AsyncOS version 10.5.2, from WSA CLI using command 'status detail' has section call 'SSLJobs' this will list out numbers of SSL traffic being processed by the appliance. However this will include all decrypt, passthrough, etc.

 

The dashboard that shows total current connections, this will shows all traffic - HTTP/HTTPS, etc.

 

From CLI, we do have 'rate' command that will show real time traffic being handled (10 sec interval), however again this is all traffic based on request per seconds.

 

In regards to sizing the WSA, would recommend to contact your Cisco Account Team or Sales Engineer since they do have a tool for sizing guide that you can discuss with them.

The sizing will be based in few factors such as:

1. What sort of functionalities enabled in the WSA

2. Type of traffic (such as streaming traffic, etc)

3. What sort off scanning engines used.

4. Number of requests per seconds

5. AsyncOS versions

6. WSA Model.

 

Best Regards

Handy Putra

Thanks Putra.