SWSA – Securing the Web with Cisco Web Security Appliance 2.1

SWSA - Securing the Web with Cisco Web Security Appliance 2.1

COURSE OUTLINE:

Description

In this comprehensive two-day course containing hands-on labs, demos, and presentations, you will learn to install, configure, operate, and maintain the S-Series web security appliances. You will focus on HTTP and HTTPS proxy services, L4 traffic monitoring, authentication and web access control, URL filtering, anti-malware filtering, troubleshooting S-Series configuration issues, and S-Series deployment. You will also see how the WSA is used in a SAAS scenario (Security-As-A-Service) and how Cisco WSA can inspect HTTPS traffic. Hands-on labs provide you with a safe environment to experiment with malware and attempt configurations that might not be appropriate for a production network.

Audience

Security architects and system designers
Network administrators and operations engineers
Network or security managers responsible for web security

Prerequisites

Knowledge of TCP/IP services, including DNS, SSH, FTP, SNMP, HTTP, and HTTPS
Familiarity with IP routing

Learning Objectives

HTTP and HTTPS proxy services L4 traffic monitoring
Authentication and web access control
URL filtering anti-malware filtering
Anti-malware filtering using reputation, anti-virus and anti-phishing
Troubleshoot S-Series configuration issues
S-Series deployment

1. Reviewing the System

2. Installing and Verifying the Cisco Web Security Appliance

3. Configuring Virtual Web Security Appliance Connector to Cisco Cloud Web Security

4. Deploying Proxy Services

5. Utilizing Authentication

6. Configuring Policies

7. Enforcing Acceptable Use with URL Categories

8. Enforcing Acceptable Use: Advanced Topics with Application Visibility and Controls

9. Using Cisco WSA for Security-as-a-Service (SaaS)

10. Defending Against Malware with Reputation score and antimalware scanning

11. Configuring Data Security to prevent Data Loss

12. Describing Cisco Cloud Web Security including Cisco AnyConnect Secure Mobility Client

13. Performing Administration and Troubleshooting

RELATED COURSES

Courses
Applications Development

Introduction to Programming with ABAP

This course is based on software release SAP ECC 6.07 (SAP NetWeaver 7.40).

The ABAP Workbench Foundations programming courses require that you understand the content of this basic course.

Courses
Applications Development

Securing .Net Web Applications

In this course, you will thoroughly examine best practices for defensively coding .NET web applications, including XML processing and web services. You will repeatedly attack and then defend various assets associated with a fully-functional web application. This hands-on approach drives home the mechanics of how to secure .NET web applications in the most practical of terms. This workshop is a companion course with several developer-oriented courses and seminars. Although this edition of the course is .NET-specific, it may also be presented using JEE or other programming languages.

PCI Compliant Developer Training: Version 3.0 of the Payment Card Information Data Security Standard (PCI-DSS) and the Payment Application Data Security Standard (PA-DSS) have placed an increased emphasis on information security training and awareness. This class can help meet the annual training requirements for your developers and vendors. This secure coding training addresses common coding vulnerabilities in software development processes. This training is used by one of the principle participants in the PCI DSS. Having passed multiple PCI audits, this course has been shown to meet the PCI requirements. The specification of those training requirements are detailed in 6.5.1 through 6.5.10 on pages 55 through 59 of the PCI DSS Requirements 3.0 document dated November 2013.

Courses
Applications Development

Introduction to Ruby Programming

In this course, you will learn about the fundamental components of the Ruby programming language. Working in a lab intensive, hands-on programming environment, you will explore object-oriented aspects of Ruby and best practices for developing robust applications with Ruby. Topics include arrays, hashes, regular expressions, IO, exceptions, modules, and applications areas such as Common Gateway Interface (CGI), client/server, and network programming.

Courses
Applications Development

Mastering JEE Design Patterns

Technologies such as JPA and EJB3, as well as frameworks such as Spring, web services, and rich interfaces, have significantly impacted previous generations of design patterns. Many of these technologies were heavily influenced by the very problems that previous design patterns addressed. While the basic patterns still ring true, the more advanced patterns have evolved into more robust solutions for secure, stable and scalable enterprise applications.

In this is a lab-intensive Java/JEE design patterns training course, you will explore the many sophisticated JEE-oriented design patterns and how to use these patterns to develop solid, robust, and reusable JEE applications. Working in a hands-on environment, you will explore key patterns in each of the different JEE layers and how they are used most effectively in building robust, reusable JEE applications. This course combines the use of hands-on coding labs with several ‘mini-projects’ to be completed throughout the training to get you using and reviewing the Patterns in a practical manner.

You will be led through an extended project whose solution includes the application of the various patterns as well as several cross-cutting patterns addressing issues such as security, transactions, and auditing. Throughout the course you will explore the Crosscutting, Presentation Tier, Business Tier, and Integration Tier pattern categories. You will compare and contrast these patterns and explore the advantages and disadvantages of using certain patterns for explicit development functions in the JEE framework.