Securing the Web with Cisco Web Security Appliance (SWSA 300-725) Training

Download Course Contents

Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 Course Overview

The Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 course shows you how to implement, use, and maintain Cisco® Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you’ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution’s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.

This course helps you prepare to take the exam, Securing the Web with Cisco Web Security Appliance (300-725 SWSA), which leads to CCNP® Security and the Cisco Certified Specialist - Web Content Security.

Course details

Objectives

After taking this course, you should be able to:

  • Describe Cisco WSA
  • Deploy proxy services
  • Utilize authentication
  • Describe decryption policies to control HTTPS traffic
  • Understand differentiated traffic access policies and identification profiles
  • Enforce acceptable use control settings
  • Defend against malware
  • Describe data security and data loss prevention
  • Perform administration and troubleshooting

Outline

  • Describing Cisco WSA
    • Technology Use Case
    • Cisco WSA Solution
    • Cisco WSA Features
    • Cisco WSA Architecture
    • Proxy Service
    • Integrated Layer 4 Traffic Monitor
    • Data Loss Prevention
    • Cisco Cognitive Intelligence
    • Management Tools
    • Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration
    • Cisco Content Security Management Appliance (SMA)
  • Deploying Proxy Services
    • Explicit Forward Mode vs. Transparent Mode
    • Transparent Mode Traffic Redirection
    • Web Cache Control Protocol
    • Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow
    • Proxy Bypass
    • Proxy Caching
    • Proxy Auto-Config (PAC) Files
    • FTP Proxy
    • Socket Secure (SOCKS) Proxy
    • Proxy Access Log and HTTP Headers
    • Customizing Error Notifications with End User Notification (EUN) Pages
  • Utilizing Authentication
    • Authentication Protocols
    • Authentication Realms
    • Tracking User Credentials
    • Explicit (Forward) and Transparent Proxy Mode
    • Bypassing Authentication with Problematic Agents
    • Reporting and Authentication
    • Re-Authentication
    • FTP Proxy Authentication
    • Troubleshooting Joining Domains and Test Authentication
    • Integration with Cisco Identity Services Engine (ISE)
  • Creating Decryption Policies to Control HTTPS Traffic
    • Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview
    • Certificate Overview
    • Overview of HTTPS Decryption Policies
    • Activating HTTPS Proxy Function
    • Access Control List (ACL) Tags for HTTPS Inspection
    • Access Log Examples
  • Understanding Differentiated Traffic Access Policies and Identification Profiles
    • Overview of Access Policies
    • Access Policy Groups
    • Overview of Identification Profiles
    • Identification Profiles and Authentication
    • Access Policy and Identification Profiles Processing Order
    • Other Policy Types
    • Access Log Examples
    • ACL Decision Tags and Policy Groups
    • Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications
  • Defending Against Malware
    • Web Reputation Filters
    • Anti-Malware Scanning
    • Scanning Outbound Traffic
    • Anti-Malware and Reputation in Policies
    • File Reputation Filtering and File Analysis
    • Cisco Advanced Malware Protection
    • File Reputation and Analysis Features
    • Integration with Cisco Cognitive Intelligence
  • Enforcing Acceptable Use Control Settings
    • Controlling Web Usage
    • URL Filtering
    • URL Category Solutions
    • Dynamic Content Analysis Engine
    • Web Application Visibility and Control
    • Enforcing Media Bandwidth Limits
    • Software as a Service (SaaS) Access Control
    • Filtering Adult Content
  • Data Security and Data Loss Prevention
    • Data Security
    • Cisco Data Security Solution
    • Data Security Policy Definitions
    • Data Security Logs
  • Performing Administration and Troubleshooting
    • Monitor the Cisco Web Security Appliance
    • Cisco WSA Reports
    • Monitoring System Activity Through Logs
    • System Administration Tasks
    • Troubleshooting
    • Command Line Interface
  • References
    • Comparing Cisco WSA Models
    • Comparing Cisco SMA Models
    • Overview of Connect, Install, and Configure
    • Deploying the Cisco Web Security Appliance Open Virtualization Format (OVF) Template
    • Mapping Cisco Web Security Appliance Virtual Machine (VM) Ports to Correct Networks
    • Connecting to the Cisco Web Security Virtual Appliance
    • Enabling Layer 4 Traffic Monitor (L4TM)
    • Accessing and Running the System Setup Wizard
    • Reconnecting to the Cisco Web Security Appliance
    • High Availability Overview
    • Hardware Redundancy
    • Introducing Common Address Redundancy Protocol (CARP)
    • Configuring Failover Groups for High Availability
    • Feature Comparison Across Traffic Redirection Options
    • Architecture Scenarios When Deploying Cisco AnyConnect® Secure Mobility

    Lab outline

    • Configure the Cisco Web Security Appliance
    • Deploy Proxy Services
    • Configure Proxy Authentication
    • Configure HTTPS Inspection
    • Create and Enforce a Time/Date-Based Acceptable Use Policy
    • Configure Advanced Malware Protection
    • Configure Referrer Header Exceptions
    • Utilize Third-Party Security Feeds and MS Office 365 External Feed
    • Validate an Intermediate Certificate
    • View Reporting Services and Web Tracking
    • Perform Centralized Cisco AsyncOS Software Upgrade Using Cisco SMA

 

  • 1. Do you have limited Window for training?
  • 2. Can you only spend 4-hours per day?
  • 3. Do you want to start training immediately?
  • If your answer is yes to any one of the above, you need 1-on-1- Training
The 1-on-1 Advantage
Methodology
Flexible Dates
4-Hour Sessions
  • View video
  • The course will be free if we are not able to start within 7 days of booking.
  • Only applicable for courses on which this logo appears.

You will learn:

Module 1: Describing Cisco WSA
  • Technology Use Case
  • Cisco WSA Solution
  • Cisco WSA Features
  • Cisco WSA Architectur
  • Proxy Service
  • Integrated Layer 4 Traffic Monitor
  • Data Loss Prevention
  • Cisco Cognitive Intelligence
  • Management Tools
  • Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration
  • Cisco Content Security Management Appliance (SMA)
  • Explicit Forward Mode vs. Transparent Mode
  • Transparent Mode Traffic Redirection
  • Web Cache Control Protocol
  • Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow
  • Proxy Bypass
  • Proxy Caching
  • Proxy Auto-Config (PAC) Files
  • FTP Proxy
  • Socket Secure (SOCKS) Proxy
  • Proxy Access Log and HTTP Headers
  • Customizing Error Notifications with End User Notification (EUN) Pages
  • Authentication Protocols
  • Authentication Realms
  • Tracking User Credentials
  • Explicit (Forward) and Transparent Proxy Mode
  • Bypassing Authentication with Problematic Agents
  • Reporting and Authentication
  • Re-Authentication
  • FTP Proxy Authentication
  • Troubleshooting Joining Domains and Test Authentication
  • Integration with Cisco Identity Services Engine (ISE)
  • Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview
  • Certificate Overview
  • Overview of HTTPS Decryption Policies
  • Activating HTTPS Proxy Function
  • Access Control List (ACL) Tags for HTTPS Inspection
  • Access Log Examples
  • Overview of Access Policies
  • Access Policy Groups
  • Overview of Identification Profiles
  • Identification Profiles and Authentication
  • Access Policy and Identification Profiles Processing Order
  • Other Policy Types
  • Access Log Examples
  • ACL Decision Tags and Policy Groups
  • Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications
  • Web Reputation Filters
  • Anti-Malware Scanning
  • Scanning Outbound Traffic
  • Anti-Malware and Reputation in Policies
  • File Reputation Filtering and File Analysis
  • Cisco Advanced Malware Protection
  • File Reputation and Analysis Features
  • Integration with Cisco Cognitive Intelligence
  • Controlling Web Usage
  • URL Filtering
  • URL Category Solutions
  • Dynamic Content Analysis Engine
  • Web Application Visibility and Control
  • Enforcing Media Bandwidth Limits
  • Software as a Service (SaaS) Access Control
  • Filtering Adult Content
  • Data Security
  • Cisco Data Security Solution
  • Data Security Policy Definitions
  • Data Security Logs
  • Monitor the Cisco Web Security Appliance
  • Cisco WSA Reports
  • Monitoring System Activity Through Logs
  • System Administration Tasks
  • Troubleshooting
  • Command Line Interface
  • Comparing Cisco WSA Models
  • Comparing Cisco SMA Models
  • Overview of Connect, Install, and Configure
  • Deploying the Cisco Web Security Appliance Open Virtualization Format (OVF) Template
  • Mapping Cisco Web Security Appliance Virtual Machine (VM) Ports to Correct Networks
  • Connecting to the Cisco Web Security Virtual Appliance
  • Enabling Layer 4 Traffic Monitor (L4TM)
  • Accessing and Running the System Setup Wizard
  • Reconnecting to the Cisco Web Security Appliance
  • High Availability Overview
  • Hardware Redundancy
  • Introducing Common Address Redundancy Protocol (CARP)
  • Configuring Failover Groups for High Availability
  • Feature Comparison Across Traffic Redirection Options
  • Architecture Scenarios When Deploying Cisco AnyConnect® Secure Mobility
  • Configure the Cisco Web Security Appliance
  • Deploy Proxy Services
  • Configure Proxy Authentication
  • Configure HTTPS Inspection
  • Create and Enforce a Time/Date-Based Acceptable Use Policy
  • Configure Advanced Malware Protection
  • Configure Referrer Header Exceptions
  • Utilize Third-Party Security Feeds and MS Office 365 External Feed
  • Validate an Intermediate Certificate
  • View Reporting Services and Web Tracking
  • Perform Centralized Cisco AsyncOS Software Upgrade Using Cisco SMA
Live Online Training (Duration : 16 Hours)
Group Training 1150 Per Participant Incl. Official Courseware
11 - 12 Jul 09:00 AM - 05:00 PM CST
(8 Hours/Day)
01 - 02 Aug 09:00 AM - 05:00 PM CST
(8 Hours/Day)
1-on-1 Public We Offer :
  • 1-on-1 Public - Select your own start date. Other students can be merged.
  • 1-on-1 Private - Select your own start date. You will be the only student in the class.
1350 + If you accept merging of other students. Incl. Official Courseware
8 Hours
Week Days
Weekend

Start Time : At any time

12 AM
12 PM

1-On-1 Training is Guaranteed to Run (GTR)
Classroom Training (Available: London, Dubai, India, Sydney, Vancouver)
Duration : On Request
Fee : On Request
On Request
Physical Classroom Training with 4 hours /8 hours option is available. Enquire Now!
Comfort Track

If you think 16 hours is too fast, we can offer Comfort Track for 32 hours for only USD 2,700

Course Prerequisites

Who should enroll

  • Security architects
  • System designers
  • Network administrators
  • Operations engineers
  • Network managers, network or security technicians, and security engineers and managers responsible for web security
  • Cisco integrators and partners

Prerequisites

To fully benefit from this course, you should have knowledge of these topics:

  • TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS
  • IP routing

You are expected to have one or more of the following basic technical competencies or equivalent knowledge:

  • Cisco certification (CCENT certification or higher)
  • Relevant industry certification [International Information System Security Certification Consortium ((ISC)2), Computing Technology Industry Association (CompTIA) Security+, International Council of Electronic Commerce Consultants (EC-Council), Global Information Assurance Certification (GIAC), ISACA]
  • Cisco Networking Academy letter of completion (CCNA 1 and CCNA 2)
  • Windows expertise: Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE)], CompTIA (A+, Network+, Server+)

How you’ll benefit

This class will help you:

  • Implement Cisco WSA to secure web gateways, provide malware protection, and use policy controls to address the challenges of securing and controlling web traffic
  • Gain valuable hands-on skills for high-demand responsibilities focused on web security

Request More Information

Add Name and Email Address of participant (If different from you)

FAQ's


Yes, fee excludes local taxes.
Yes, we do.
The Fee includes:
  • Official courseware
  • Testing Via Qubits
Yes, Koenig Solutions is a Cisco Learning Partner
Schedule for Group Training is decided by Koenig. Schedule for 1-on-1 is decided by you.
In 1-on-1 you can select your own schedule, other students can be merged but you select the schedule. Choose 1-on-1 if published schedule do not meet your requirement. If you also want a private session, opt for 1-on-1 Public.
No, it is not included.
In both, you choose the schedule. In public, other participants can join, Private other participants want to join.
Yes, the site is secure by utilizing Secure Sockets Layer (SSL) Technology. SSL technology enables the encryption of sensitive information during online transactions. We use the highest assurance SSL/TLS certificate, which ensures that no unauthorized person can get to your sensitive payment data over the web.
We use the best standards in Internet security. Any data retained is not shared with third parties.
You can request a refund if you do not wish to enroll in the course.
To receive an acknowledgment of your online payment, you should have a valid email address. At the point when you enter your name, Visa, and other data, you have the option of entering your email address. Would it be a good idea for you to decide to enter your email address, confirmation of your payment will be emailed to you.
After you submit your payment, you will land on the payment confirmation screen. It contains your payment confirmation message. You will likewise get a confirmation email after your transaction is submitted.
We do accept all major credit cards from Visa, Mastercard, American Express, and Discover.
Credit card transactions normally take 48 hours to settle. Approval is given right away; however, it takes 48 hours for the money to be moved.
Yes, we do accept partial payments, you may use one payment method for part of the transaction and another payment method for other parts of the transaction.
Yes, if we have an office in your city.
Yes, we do offer corporate training More details
Yes, we do.
Yes, we also offer weekend classes.
Yes, Koenig follows a BYOL(Bring Your Own Laptop) policy.
It is recommended but not mandatory. Being acquainted with the basic course material will enable you and the trainer to move at a desired pace during classes. You can access courseware for most vendors.
Yes, this is our official email address which we use if a recipient is not able to receive emails from our @koenig-solutions.com email address.
Buy-Now. Pay-Later option is available using credit card in USA and India only.
You will receive the digital certificate post training completion via learning enhancement tool after registration.
Yes you can.
Yes, we do. For details go to flexi
You can pay through debit/credit card or bank wire transfer.
Dubai, Goa, Delhi, Bangalore.
Yes you can request your customer experience manager for the same.
Yes of course. 100% refund if training not upto your satisfaction.

Prices & Payments

Yes of course.
Yes, We are

Travel and Visa

Yes we do after your registration for course.

Food and Beverages

Yes.

Others

Says our CEO-
“It is an interesting story and dates back half a century. My father started a manufacturing business in India in the 1960's for import substitute electromechanical components such as microswitches. German and Japanese goods were held in high esteem so he named his company Essen Deinki (Essen is a well known industrial town in Germany and Deinki is Japanese for electric company). His products were very good quality and the fact that they sounded German and Japanese also helped. He did quite well. In 1970s he branched out into electronic products and again looked for a German name. This time he chose Koenig, and Koenig Electronics was born. In 1990s after graduating from college I was looking for a name for my company and Koenig Solutions sounded just right. Initially we had marketed under the brand of Digital Equipment Corporation but DEC went out of business and we switched to the Koenig name. Koenig is difficult to pronounce and marketeers said it is not a good choice for a B2C brand. But it has proven lucky for us.” – Says Rohit Aggarwal (Founder and CEO - Koenig Solutions)
All our trainers are fluent in English . Majority of our customers are from outside India and our trainers speak in a neutral accent which is easily understandable by students from all nationalities. Our money back guarantee also stands for accent of the trainer.
Medical services in India are at par with the world and are a fraction of costs in Europe and USA. A number of our students have scheduled cosmetic, dental and ocular procedures during their stay in India. We can provide advice about this, on request.
Yes, if you send 4 participants, we can offer an exclusive training for them which can be started from Any Date™ suitable for you.