Cisco Web Security Appliance S395
Get a Quote!
For security, your network needs malware protection, application visibility and control, acceptable use policy controls, insightful reporting and secure mobility. Cisco offers this protection, all on a single platform: Cisco Secure Web Appliance (formerly Secure Web Appliance (WSA)).
In our highly connected and increasingly mobile world, more complex and sophisticated threats require the right mix of security solutions. Cisco delivers security for all layers of network infrastructure with the strong protection, complete control, and investment value businesses need. We also offer a broad set of Secure Web Appliance deployment options, along with market-leading global threat intelligence. Cisco Secure Web Appliance simplifies security with a high performance, dedicated appliance, and the Secure Web Appliance Virtual Appliance (WSAV) lets businesses deploy Secure Web Appliance quickly and easily, wherever and whenever it’s needed.
Secure Web Appliance was one of the first secure web gateways to combine leading protections to help organizations address the growing challenges of securing and controlling web traffic. It enables simpler, faster deployment with fewer maintenance requirements, reduced latency, and lower operating costs. “Set and forget” technology frees staff after initial automated policy settings go live, and automatic security updates are pushed to network devices every 3 to 5 minutes. Flexible deployment options and integration with your existing security infrastructure help you meet quickly evolving security requirements.
Features and Benefits:
Talos Security Intelligence
Receive fast and comprehensive web protection backed by the largest threat detection network in the world, with the broadest visibility and largest footprint, including:
- 100 TB of security intelligence daily
- 1.6 million deployed security devices, including firewall, IPS, web, and email appliances
- 150 million endpoints
- 13 billion web requests per day
- 35% of the world’s enterprise email traffic
Providing a 24x7 view into global traffic activity to analyze anomalies, uncover new threats, and monitor traffic trends. Talos prevents zero-hour attacks by continually generating new rules that feed updates to the WSA every three to five minutes, enabling industry-leading threat defense hours and even days ahead of competitors.
Secure Web Appliance Usage Controls
Combine traditional URL filtering with dynamic content analysis to mitigate compliance, liability, and productivity risks. Cisco’s continuously updated URL filtering database of over 50 million blocked sites provides exceptional coverage for known websites, and the Dynamic Content Analysis (DCA) engine accurately identifies 90 percent of unknown URLs in real time; it scans text, scores the text for relevancy, calculates model document proximity, and returns the closest category match. Administrators can also select specific categories for intelligent HTTPS inspection.
Advanced Malware Protection
Advanced Malware Protection (AMP) is an additionally licensed feature available to all Cisco WSA customers. AMP is a comprehensive malware-defeating solution that enables malware detection and blocking, continuous analysis, and retrospective alerting. It takes advantage of the vast cloud security intelligence networks of both Cisco and Sourcefire® technology. AMP augments the malware detection and blocking capabilities already offered in the Cisco WSA with enhanced file reputation capabilities, detailed file-behavior reporting, continuous file analysis, and retrospective verdict alerting. The Cisco AMP Threat Grid delivers malware protection through an on-premises appliance for organizations that have compliance or policy restrictions on submitting malware samples to the cloud. The Layer 4 Traffic Monitor continuously scans activity, detecting and blocking spyware ”phone-home” communications. By tracking all network applications, the Layer 4 Traffic Monitor effectively stops malware that attempts to bypass classic web security solutions. It dynamically adds IP addresses of known malware domains to its list of malicious entities to block.
Cognitive Threat Analytics
Cisco Cognitive Threat Analytics is a cloud-based solution that reduces time to discovery of threats operating inside the network. It addresses gaps in perimeter-based defenses by identifying the symptoms of a malware infection or data breach using behavioral analysis and anomaly detection. Take advantage of Cisco Cognitive Threat Analytics with a simple add-on license to your Web Security solution. Reduce complexity while gaining superior protection that evolves with your changing threat landscape.
Application Visibility and Control (AVC)
Easily control the use of hundreds of Web 2.0 applications and 150,000+ micro-applications. Granular policy control allows administrators to permit the use of applications such as Dropbox or Facebook while blocking users from activities such as uploading documents or clicking the ”Like” button. The WSA supports visibility of activity across an entire network. New: Customers can deploy customized bandwidth and time quotas per user, per group, and per policy.
Data Loss Prevention (DLP)
Prevent confidential data from leaving the network by creating context-based rules for basic DLP. The Cisco WSA also uses Internet Content Adaptation Protocol (ICAP) to integrate with third-party DLP solutions for deep content inspection and enforcement of DLP policies. The Cisco WSA also supports Secure ICAP to encrypt the traffic exchanged between WSA and third-party DLP solutions.
Remote Browser Isolation (RBI)
By isolating web traffic from the user device and the threat, the Secure Web Appliance RBI delivers an extra layer of protection to the Secure Web Appliance so that users can safely access risky websites without the risk of malware infections. With RBI, the Secure Web Appliance isolates web content in a remote surrogate browser in the cloud, separate from the endpoint and the corporate network, and renders it safely to the end user providing a seamless end user experience.
The Secure Web Appliance protects roaming users by integrating with the Cisco AnyConnect Secure Mobility Client, which provides Secure Web Appliance to remote clients by initiating a VPN tunnel that redirects traffic back to the on-premises solution. Cisco AnyConnect technology analyzes traffic in real time prior to permitting access.
The Secure Web Appliance is also integrated with Cisco Identity Services Engine (ISE). With this exciting enhancement, customers can now take advantage of the power of Cisco ISE for Secure Web Appliance upon request. Cisco ISE integration allows admins to create policy on the Secure Web Appliance based on profile or membership information gathered by Cisco ISE through its single sign-on process.
Centralized Management and Reporting
Receive actionable insights across threats, data, and applications. The Secure Web Appliance provides an easy-to-use, centralized management tool to control operations, manage policies, and view reports.
The Cisco M-Series Content Security Management Appliance provides central management and reporting across multiple appliances and multiple locations, including virtual instances.
Cisco Advanced Secure Web Appliance Reporting is a reporting solution that rapidly indexes and analyzes logs produced by Secure Web Appliance and Cisco Umbrella. This tool provides scalable reporting for customers with high traffic and storage needs. It allows reporting administrators to gather detailed insight into web usage and malware threats.
WSA S395- Midsize Office
|Disk Space||2.4 TB (4x600 GB SAS)|
|RAID Mirroring||Yes (RAID 10)|
|Memory||32 GB, DDR4|
|CPUs||1 x 2.3 GHz, 12C|
|Rack units (RU)||1RU|
|Dimensions including handles (H x W x D)||2 in. x 17 in. x 32 in.|
|Remote power cycling||Yes|
|DC Power Option||No|
|Hot-swappable hard disk||Yes|
|Power Consumption||2626 BTU/hr|
|Ethernet interfaces||6 port 1G Base-T copper network interface (NICs), RJ - 45|
|Speed (Mbps)||10/100/1000, auto negotiate|
|HD Size||Four 600 GB hard disk drives (2.5” 12G SAS 10K RPM) are installed intofront-panel drive bays that provide hot-swappable access for SAS drives|
|CPU||One 2.3GHz 12c 2400MHz processor|
|RAM||Two 16GB DDR4-2666 DIMM1|
The Cisco WSA is a forward proxy that can be deployed in either Explicit mode (Proxy Automatic Configuration [PAC] files, Web Proxy Auto-Discovery [WPAD], browser settings) or Transparent mode (Web Cache Communication Protocol [WCCP], Policy-Based Routing [PBR], load balancers). WCCP-compatible devices, such as Cisco Catalyst® 6000 Series Switches, Cisco ASR 1000 Series Aggregation Services Routers, Cisco Integrated Services Routers, and Cisco ASA 5500-X Series Next-Generation Firewalls, reroute web traffic to the Cisco WSA.
The Cisco WSA can proxy HTTP, HTTPS, SOCKS, native FTP, and FTP over HTTP traffic to deliver additional capabilities such as data-loss prevention, mobile user security, and advanced visibility and control.
A Cisco WSAV license is included in all Cisco Web Security software bundles (Cisco Web Security Essentials, Cisco Web Security Antimalware, and Cisco Web Security Premium). This license has the same term as the other software services in the bundle and can be used for as many virtual machines as needed.
Term-Based Subscription Licenses
Licenses are term-based subscriptions of one, three, or five years.
Quantity-Based Subscription Licenses
The Cisco Web Security portfolio uses tiered pricing based on a range of users, not devices. Sales and partner representatives can help to determine the correct sizing for each customer deployment.
Web Security Software Licenses
Four web security software licenses are available: Cisco Web Security Essentials, Cisco Anti-Malware, Cisco Web Security Premium, and McAfee Anti-Malware. The major components of each software offering follow:
Cisco Web Appliance Essentials
- Threat Intelligence via Cisco Talos
- Layer 4 traffic monitoring
- Application Visibility and Control (AVC)
- Policy management
- Actionable reporting
- URL filtering
- Third-party DLP integration via ICAP
Secure Web Appliance Advantage
- Secure Web Appliance Essentials
- Real-time malware scanning
Cisco Web Appliance Premier
- Secure Web Appliance Advantage
- Advanced malware protection
- Cognitive threat analytics
- Threat Grid file analysis
Advanced Malware Protection
- AMP augments anti-malware detection and blocking capabilities with file reputation scoring and blocking, static and dynamic file analysis (sandboxing), and file retrospection for continuous analysis of threats.
Cognitive Threat Analytics
- CTA relies on advanced statistical modeling and machine learning to independently identify new threats, learn from what it sees, and adapt over time.
- McAfee real-time malware scanning is available as a single, a-la-carte license.
Software License Agreements
The Cisco End-User License Agreement (EULA) and the Cisco Web Security Supplemental End-User License Agreement (SEULA) are provided with each software license purchase.
Software Subscription Support
All Cisco Web Security licenses include software subscription support essential to keeping business-critical applications available, secure, and operating at peak performance. This support entitles customers to the following services for the full term of the purchased software subscription:
- Software updates and major upgrades to keep applications performing optimally at the most current feature set
- Access to Cisco Technical Assistance Center (TAC) for fast, specialized support
- Online tools to build and expand in-house expertise and boost business agility
- Collaborative learning for additional knowledge and training opportunities
Download the Cisco Secure Web Appliancee Data Sheet (PDF).
- Pricing and product availability subject to change without notice.