Cisco SITCS 1.0: Configuring Cisco Web Security Appliance

This course is included in our On-demand training solution.


Cisco Web Security Appliance (WSA) enables you to control user access based on the web server category of a particular HTTP or HTTPS request. Using access policy groups, you can create access policies that control access to websites containing objectionable or questionable content. The sites that are blocked, allowed, or decrypted depend on the categories that you select when you set up URL category filtering within each policy group. In this course, you will learn acceptable use controls provided by the Cisco WSA and the anti-malware feature and its implementation on the Cisco WSA. You will also learn how to configure decryption policies on Cisco Web Security Appliance and the data security controls available on the Cisco WSA. This course is one of a series in the SkillSoft learning path that covers the objectives for the Implementing Cisco Threat Control Solutions (SITCS) 1.0 (300-207 SITCS) exam.

Target Audience

This path is designed to prepare security engineers with the knowledge covering advanced firewall architecture and configuration with the Cisco next-generation firewall, utilizing access, and identity policies. It is also suitable for students interested in pursuing their Cisco Certified Network Professional Security (CCNP Security) certification.



Expected Duration

90 min.

Course Objectives

Course Introduction

Acceptable Use Controls

  • provide an overview of the two main Cisco Web Security Appliance acceptable use controls
  • URL Categorizing Process

  • describe the process of categorizing a web site
  • Application Visibility and Control Overview

  • describe Cisco Application Visibility Control
  • Streaming Media Bandwidth Control Overview

  • describe streaming media bandwidth control
  • Using the Policies Table

  • describe how to use the policies table
  • Configure URL Filtering

  • describe how to configure URL filtering
  • URL Category Reports

  • describe the URL category reports
  • Configuring AVC

  • describe how to configure AVC
  • Dynamic Vectoring and Streaming Engine

  • describe the Cisco WSA DVS engine
  • Contrast Webroot with Sophos or McAfee Malware Scanning

  • describe the differences between Webroot with Sophos or McAfee
  • Adaptive Scanning

  • describe the Cisco WSA adaptive scanning feature
  • Web Reputation Filtering Overview

  • describe the Cisco Web Reputation Filters
  • Web Reputation Filtering, Adaptive and Malware Scanning

  • describe how to enable global Scanning Engines, Web Reputation Filtering and Adaptive Scanning
  • Inbound Web Reputation Filtering and Malware Scanning

  • describe the inbound reputation filtering and malware scanning configuration
  • Configure Outbound Malware Scanning

  • describe the outbound malware scanning configuration
  • HTTPS Proxy

  • describe the HTTPS proxy operation
  • Invalid Destination Web Server Certificate Handling

  • describe the invalid certificate handling
  • Configure Decryption Policies

  • describe how to configure decryption policies
  • Cisco WSA Data Security Overview

  • describe data security on the Cisco WSA
  • Data Security Policies

  • describe data security policies
  • Control Uploaded Content

  • describe how to control uploaded content
  • Exercise: Managing a Cisco Web Security Appliance