Cisco Cisco ScanSafe Secure Mobility
Cisco CWS - ISR G2 Deployment Guide
2
Test
Deploy
Prepare
Prepare
Verify proper IOS image
The recommended version at the time of this writing is 15.3.3M3 or later. However, CWS is supported is
IOS version 15.2(1) T1 and later. For up-to-date information, please reference this link:
https://supportforums.cisco.com/document/12110031/cisco-cloud-web-security-cws-isr-g2-faq
*Note: For images earlier than 15.3.3M3
IOS version 15.2(1) T1 and later. For up-to-date information, please reference this link:
https://supportforums.cisco.com/document/12110031/cisco-cloud-web-security-cws-isr-g2-faq
*Note: For images earlier than 15.3.3M3
, all references to “cws” in the CLI please use “content-scan”
instead.
Verify connection to a tower
Site-to-tower communication is accomplished over TCP port 8080. HTTP and HTTPS requests are sent
to a cloud scanning tower in this method. Therefore, TCP port 8080 outbound is required to be open for
all users within the organization. For security reasons, Cisco recommends that port 8080 outbound
destinations be limited to the scanning towers provisioned for the customer’s account.
to a cloud scanning tower in this method. Therefore, TCP port 8080 outbound is required to be open for
all users within the organization. For security reasons, Cisco recommends that port 8080 outbound
destinations be limited to the scanning towers provisioned for the customer’s account.
Reference video:
Step 1:
Log on to a client computer inside the customer’s network.
Step 2:
Click on the Control Panel and go to Programs and Features.
Step 3:
Click Turn on Windows features on or off. Scroll down the list of available features until you
find the Telnet Client. Check the box and click OK. Now that the Telnet Client is installed, we can
resume our test.
resume our test.
Figure 1.1
Step 4:
Open the command
line window and type command ‘telnet [tower IP address] 8080.” A
successful connection is noted by a blank screen and blinking cursor.
Figure 1.2