Cisco Cisco ScanSafe Wi-Fi Hotspot Security Leaflet

Page 3 of 10

Cisco Cloud Web Security: WSAv Deployment
Guide

Introduction

The Cisco

Web Security Virtual Appliance (WSAv) is a software version of the Cisco Web Security Appliance

(WSA) that is available at no charge with the purchase of Cisco Cloud Web Security (CWS) software bundles and

individual licenses.

This document provides directions to redirect network traffic to CWS through the Cisco WSAv Connector.

Getting Started

You can request one virtual and one physical license per year (without hardware). After you receive the email

message with the license, you will have approximately 1 month to apply those licenses.

Note: The following instructions focus primarily on the installation of the virtual WSA on a VMware Fusion
platform and connectivity testing after you have configured the Cisco CWS connector module. The connector

configuration itself is covered only briefly; however, a video,

Steps to Deploy WSA as a Connector

, is available on

our website.

You may also refer to Chapter 4 in the

Cisco AsyncOS for Web User Guide

Note: We refer to our cloud proxies as “towers”. You will see the terms “proxy” and “tower” used interchangeably
throughout the document.

Verify Connection to a Tower

Site-to-tower communication is accomplished over TCP port 8080. HTTP and HTTPS requests are sent to a cloud-

scanning tower in this method. Therefore, TCP port 8080 outbound is required to be open for all users within the

organization. For security reasons, Cisco recommends that port 8080 outbound destinations be limited to the
scanning towers provisioned for the customer’s account.

Reference video:

Verify connection to a tower