Cisco Cisco ScanSafe Wi-Fi Hotspot Security White Paper
Cisco CWS
– ASA 5500 Deployment Guide
1
Test
Deploy
Prepare
Introduction
Integrating CWS with the ASA maximizes your ASA/ASAv performance by offloading your content
scanning to Cisco’s cloud. It also enables you to apply acceptable use policy to the company, groups or
individual users routing through the ASA.
scanning to Cisco’s cloud. It also enables you to apply acceptable use policy to the company, groups or
individual users routing through the ASA.
This document provides directions to redirect network traffic to CWS through the ASA.
*Note: we refer to our cloud proxies as towers. You will see the terms
“proxy” and “tower” used
interchangeably throughout the document.
Cloud Deployment
Deployment is divided into the following three sections
Additional Redirect Methods
There are 4 additional redirection methods that have corresponding deployment guides. Deployment
guides for each redirection methods can be found
guides for each redirection methods can be found
, under Technical Collateral.
Redirection Method
Overview
Cisco Integrated
Services Router (ISR
G2 with CWS
Connector)
Services Router (ISR
G2 with CWS
Connector)
Save bandwidth, money and resources by intelligently redirecting
Internet traffic from branch offices directly to the cloud to enforce
security and control policies. Apply acceptable use policy to all
users regardless of location.
Internet traffic from branch offices directly to the cloud to enforce
security and control policies. Apply acceptable use policy to all
users regardless of location.
Web Security
Appliance
(WSA/WSAv with
CWS Connector)
Appliance
(WSA/WSAv with
CWS Connector)
Integrate CWS and WSA to enable identity information to the cloud
and extend other on-premises enterprise features to Cloud Web
Security customers
and extend other on-premises enterprise features to Cloud Web
Security customers
Cisco AnyConnect
Secure Mobility
Client (AnyConnect)
Secure Mobility
Client (AnyConnect)
Authenticate and redirect web traffic securely whenever the end
user is off the corporate network. CWS leverages cached user
credentials and directory information when they are away from the
office or VPN, ensuring that exactly the same web-usage policies
are applied.
user is off the corporate network. CWS leverages cached user
credentials and directory information when they are away from the
office or VPN, ensuring that exactly the same web-usage policies
are applied.
Standalone
Deployment
Deployment
Deploy a simple web security solution that does not require any
additional hardware.
additional hardware.
Connect to Cisco’s Cloud Web Security
service using existing browser settings and PAC/WPAD files.
Prepare
Deploy
Test