Cisco Cisco Web Security Appliance S360 Getting Started Guide
At-a-Glance
Sophisticated Web Security for Sophisticated Threats
Effective web security today requires a lot more than blocking
navigation to bad websites. You can download viruses or malware
through legitimate websites as well. And there are new vulnerabilities
with mobile access, social media, and interactive applications. As web
threats continue to rise, it is critical to have a solution that goes beyond
the basics in threat detection, URL filtering, and application control.
navigation to bad websites. You can download viruses or malware
through legitimate websites as well. And there are new vulnerabilities
with mobile access, social media, and interactive applications. As web
threats continue to rise, it is critical to have a solution that goes beyond
the basics in threat detection, URL filtering, and application control.
You need a web security solution that provides continuous monitoring
and analysis to help your security team catch even the stealthiest
threats. You need the Cisco® Advanced Malware Protection (AMP) for
Web Security with Cognitive Threat Analytics (CTA) for WSA.
and analysis to help your security team catch even the stealthiest
threats. You need the Cisco® Advanced Malware Protection (AMP) for
Web Security with Cognitive Threat Analytics (CTA) for WSA.
Why AMP Is So Important
Traditional web security measures are not enough to stop today’s
advanced threats. Integrating AMP with Cisco’s web security solutions
gives you advanced threat capabilities alongside traditional web security
features, to protect against the most advanced attacks.
advanced threats. Integrating AMP with Cisco’s web security solutions
gives you advanced threat capabilities alongside traditional web security
features, to protect against the most advanced attacks.
Figure 1. Retrospective Analysis with AMP
Point-In-Time
Detection
Analysis Stops
Actual Disposition = Bad = Too Late!!
Actual Disposition = Bad = Blocked
Blind to
scope of
compromise
Not 100%
Initial Disposition = Clean
Initial Disposition = Clean
Continuous
Monitoring
Analysis Continues
Retrospective Analysis
AMP
Sandboxing
Antivirus
Identifies
threats after
an attack
AMP adds malware detection, blocking, continuous analysis, and
retrospective alerting (Figure 1) to your Cisco Web Security Appliance
license. Features include:
• Flexibility and choice: The integration of AMP with existing Cisco
security gateways gives you another
way that makes the most sense for your environment.
Cisco Advanced
Malware Protection
for Web Security
Benefits
• Advanced threat detection:
AMP for Web Security gives
you comprehensive protection
against all web-related threats
for protection before, during, and
after an attack.
• Continuous analysis and
retrospective security: After a
file crosses the web gateway,
AMP continues to watch, analyze,
and record its activity, regardless
of the file’s initial disposition. If
malicious behavior is spotted later
on, AMP sends a retrospective
alert so that you can contain and
remediate the malware.
• Strengthened network defenses:
AMP for Web Security is built
on big data and exceptional
security intelligence. Our Cisco
Talos group analyzes millions of
malware samples and terabytes
of data per day and pushes that
intelligence to AMP. AMP then
correlates files, telemetry data,
and file behavior against this
context-rich knowledge base to
proactively defend against known
and emerging threats.
© 2016 Cisco and/or its affiliates. All rights reserved.