Cisco Cisco ScanSafe Wi-Fi Hotspot Security
Cisco CWS
– AnyConnect Web Security Deployment Guide
1
Introduction
Authenticate and redirect web traffic securely whenever the end user is off the corporate network. CWS
leverages cached user credentials and directory information when they are away from the office or VPN,
ensuring that exactly the same web-usage policies are applied.
leverages cached user credentials and directory information when they are away from the office or VPN,
ensuring that exactly the same web-usage policies are applied.
This document provides directions to redirect network traffic to CWS through the AnyConnect Web
Security Client.
Security Client.
*Note: we refer to our cloud proxies as towers. You will see the terms “proxy” and “tower” used
interchangeably throughout the document.
interchangeably throughout the document.
Cloud Deployment
Deployment is divided into the following three sections
Additional Redirect Methods
There are 4 additional redirection methods that have corresponding deployment guides. Deployment
guides for each redirection methods can be found
guides for each redirection methods can be found
, under Technical Collateral.
Cisco Integrated
Services Router (ISR
G2 with CWS
Connector)
Services Router (ISR
G2 with CWS
Connector)
Save bandwidth, money and resources by intelligently redirecting
Internet traffic from branch offices directly to the cloud to enforce
security and control policies. Apply acceptable use policy to all
users regardless of location.
Internet traffic from branch offices directly to the cloud to enforce
security and control policies. Apply acceptable use policy to all
users regardless of location.
Next Generation
Firewall (ASA/ASAv
with CWS Connector)
Firewall (ASA/ASAv
with CWS Connector)
Capitalize ASA investments by offloading content scanning to
Cisco’s cloud through CWS. Apply acceptable use policy to the
company, groups or individual users.
Cisco’s cloud through CWS. Apply acceptable use policy to the
company, groups or individual users.
Web Security
Appliance
(WSA/WSAv with
CWS Connector)
Appliance
(WSA/WSAv with
CWS Connector)
Integrate CWS and WSA to enable identity information to the cloud
and extend other on-premises enterprise features to Cloud Web
Security customers.
and extend other on-premises enterprise features to Cloud Web
Security customers.
Standalone
Deployment
Deployment
Deploy a simple web security solution that does not require any
additional hardware.
additional hardware.
Connect to Cisco’s Cloud Web Security
service using existing browser settings and PAC/WPAD files.
Prepare
Deploy
Test