Sign in Subscribe
By Craig Garnham in CCNP Security

WSA - Web Security Appliance

WSA Icon

WSA is a Web Proxy (Explicit or Transparent) that enforces policy and stops threats.

Transparent redirect port 80/443 using WCCP - Web Cache Communication Protocol (v2)

Security Intelligence Operations
Security Intelligence Operations

Setting up the WSA

adminaccessconfig - restrict IP addresses for accessing the admin interface and set SSL policy

ifconfig

WSA ifconfig
WSA ifconfig

Changes are not applied until committed with commit

  • default IP: 192.168.42.42
  • default username: admin
  • default password: ironport
Secure Web Virtual Appliance Login Page
Secure Web Virtual Appliance Login Page

Systems Administration > System Setup > System Setup Wizard

Cisco License Agreement
Cisco License Agreement
Appliance Mode
Appliance Mode
Network Settings
Network Settings
Network Context
Network Context
Network Interfaces
Network Interfaces
Layer 4 Traffic Monitor
Layer 4 Traffic Monitor
IPv4 Routes
IPv4 Routes
Transparent Connection Settings
Transparent Connection Settings
Admin Settings
Admin Settings
Security Settings
Security Settings

Directing Traffic to the WSA

Explicit Proxy:

  • Manually configured in the browser or pushed via group policy
  • PAC - Proxy Auto Configuration, hosting a file that contains the proxy settings
  • WPAD - set proxy details via DHCP/DNS

The PAC file can be hosted directly on the WSA

Security Services > PAC File Hosting

PAC File Hosting Settings
PAC File Hosting Settings

Transparent Proxy:

  • WCCPv2
  • PBR - Policy-Based Routing, reroute web traffic to the WSA
  • L4 or L7 Switch
Add WCCP v2 Service
Add WCCP v2 Service
WSA - Identities and Policies
Configure Identities and Policies on the Cisco Secure Web Appliance
CG1NETWORKCraig Garnham
Previous

PIX - Firewall Essentials

 Next

WSA - Identities and Policies

You might also like...