Cisco IronPort Web Security Appliance Management

Complete visibility and Control a C r o s s t h e e n t i r e o r g a n i z at i o n

Security breaches caused by malware intrusions have made organizations worldwide into inadvertent newsmakers. Companies are also exposed to compliance and productivity risks associated with inappropriate web usage. To protect themselves against internal and external threats that affect the bottom-line, organizations invest in the industry’s leading web security appliance. Cisco® IronPort S-Series web security appliances enforce acceptable use and security policies to reduce non-compliance and regulatory risk and protect against web-based malware. To handle network complexity and high traffic volumes, organizations typically deploy multiple Cisco IronPort S-Series appliances. This creates a critical need to centrally manage policies and provide consolidated reporting data. Cisco IronPort M-Series security management appliances provide a platform to centrally manage policies for multiple Cisco IronPort web security appliances. Additionally, reporting capabilities on the Cisco IronPort S-Series provide insight into the organization. For further analysis, Sawmill for Cisco IronPort web security – a customized third-party analytics tool – allows organizations to centrally analyze and monitor malware threats and web usage. These management features enable organizations to perform complex tasks intuitively and extract the most value out of their web security investment.
the CisCo ironport differenCe

Cisco IronPort email and web security products are high-performance, easy-to-use and technically-innovative solutions, designed to secure organizations of all sizes. Purpose built for security and deployed at the gateway to protect the world’s most important networks, these products enable a powerful perimeter defense.

Leveraging the Cisco Security Intelligence Operations center and global threat correlation makes the Cisco IronPort line of appliances smarter and faster. This advanced technology enables organizations to improve their security and transparently protect users from the latest Internet threats.

Administrators can backup their web security policies using the Cisco IronPort M-Series to safeguard against device. agement appliance and apply them to multiple Cisco IronPort S-Series appliances. Access Policies. network operations. reporting allows security operations. administrators can centrally define all of their web the administrator can also create custom user roles for security policies from a single Cisco IronPort security mangreater flexibility. Cisco IronPort web security appliances and monitor the deployed policies from a single page view. system or network failures. each log file contains a snapshot of the configuration which can be used to restore policy and other configuration settings in case of an unexpected failure. ICCM. .Cisco IronPort Web Security Appliance Management PA g e 2 f e at u r e s • Role-based access control offers flexible pre-built Centralized policy configuration on the Cisco IronPort administrator roles including web administrator. URL filtering administrator and administrator Centralized Configuration Manager (ICCM). The new Configuration History Log feature generates logs whenever a change is committed. This allows organizations to know who made a configuration change in order to satisfy compliance and governance requirements. Should these roles not fulfill an organization’s needs. web policy M-Series appliances is provided by Cisco’s powerful IronPort administrator. which allows a Cisco IronPort S-Series administrator to easily migrate to the Cisco IronPort M-Series appliance for centralized policy management. Custom user roles based on LDAP • Delegated administration enables the management of a subset of policies by other administrators who have readwrite access to specific policies. The gUI is very similar to the Cisco IronPort web security appliance menu (including Identities. Using Cisco role. Cisco ICCM also offers role-based access control – enabling administrators to delegate policy administration to other roles within the organization. Cisco IronPort S-Series Cisco IronPort S-Series Cisco IronPort S-Series Policies NOT editable by Delegated Administrator Policies editable by Delegated Administrator Cisco IronPort M-Series Consistent policy application across geographic boundaries Delegated administration simplifies policy management Cisco ICCM offers the following features for centralized policy management: • gUI-based policy definition and deployment simplifies the task of creating web security policies and eliminates the complexity of writing scripts. To simplify security administration. Cisco ICCM ensures that acceptable use and security policies are enforced uniformly across the organization. This provides an extra level of granularity in policy definition and deployment. • Configuration History Logs allow organizations to comply with governance requirements by keeping track of who made policy and configuration changes via a log file that is generated whenever a change is committed. Decryption Policies and Custom URL categories). or a subset of. These policies can be pushed to all. preventing any breaches.

Cisco IronPort S-Series Security and Web Activity Summary report . a customized third-party analytics tool. which specific websites were visited and when? • Why is a particular user’s bandwidth usage soaring and which websites is that individual visiting? • Is the organization in compliance with various regulatory requirements? This valuable insight limits the liabilities of an organization and keeps costs associated with worker productivity and malware threats in check. This allows organizations to monitor situations that would expose them to liabilities. based on Cisco’s industryleading IronPort AsyncOS operating system. Sawmill for Cisco IronPort. Powerful drilldown capabilities enable security operators to track which machines are prone to malware attacks. which may result in attacks. Actionable and insightful reports allow organizations to perform trending.Cisco IronPort Web Security Appliance Management PA g e 3 f e at u r e s ( C o n t i n u e d ) human resources and compliance staff to gain deep understanding of the security and compliance threats facing their organizations. helps organizations answer important questions such as: • Who visited unacceptable URL categories? • Within each URL category. provides a rich set of pre-built reports for in-depth web usage and security threat analysis across all Cisco IronPort S-Series appliances in the organization. In addition.. Security report for a specific Cisco IronPort S-Series appliance Sawmill for Cisco IronPort. Companies can even identify risky user behavior. Similarly. threat analysis and troubleshooting tasks. tracking. Powerful filters allow organizations to focus on the subject of interest. Top ‘N’ reports summarize information on the web traffic and security threats seen on the appliance. Cisco IronPort AsyncOS delivers performance. helps power the Cisco IronPort M-Series appliance. and refine their acceptable use and security policies. starting with the Cisco IronPort S-Series web security appliances. Cisco IronPort S-Series appliances feature a rich set of reports that allow organizations to visualize security and web usage trends on the appliance itself. robustness and scalability capable of handling the needs of all enterprises. a robust hardware platform. Cisco IronPort technology offers a complete reporting solution. powerful drilldown reports – as well as the ability to search for a specific client – allow organizations to see specific threats on specific clients as well as associated web usage activity. any acceptable use policy violations can be tracked down to an individual IP or authenticated user.

administrators can use the Cisco The Configuration History Log feature on the Cisco IronPort IronPort M-Series for centralized policy management and M-Series can be used to create a trail of all configuration configuration updates for a group of Cisco IronPort S-Series changes. This powerful tool assists with business productivity optimization by fine tuning web usage policies. productivity loss metrics and web usage trends.000 users. To reduce nizations to keep tight control of acceptable use policies. gain organizational insight Powerful reporting gives CXOs visibility into web usage – including URL browsing history. administrative overhead. f e at u r e ava i l a b i l i t y m at r i x Feature Interactive Drill-Down Reporting Acceptable Use Policy and Malware Reporting Centralized Policy Administration Role-Based Access Control Delegated Administration Policy Configuration Backup and Restore Available On Cisco IronPort S-Series* Cisco IronPort S-Series* Cisco IronPort M-Series Cisco IronPort M-Series Cisco IronPort M-Series Cisco IronPort M-Series * Fine-grained analysis and centralized reporting available via Sawmill for Cisco IronPort. The newly-introduced. role-based access control organizations respond to governance and compliance and delegated administration features increase flexibility and requirements. Cisco ironport m1060 Cisco ironport m660 Cisco ironport m160 Consolidated management appliance designed to meet the needs of the most demanding networks in the world. . web security and security management product lines address issues faced by organizations ranging from small businesses to the global 2000. granularity for policy definition and deployment. This not only reduces liability.Cisco IronPort Web Security Appliance Management PA g e 4 benefits simplify administration Cisco IronPort security respond to governance and Compliance requirements management appliances simplify overall deployment of The centralized reporting and tracking features allow orgaCisco IronPort web security appliances. produCt line The Cisco IronPort email security. but also helps appliances. Designed for organizations with multiple gateway security appliances and less than 2. Suggested for organizations with multiple gateway security appliances and thousands of users. business usage metrics.

MgX. Cisco Press.5” (w) x 21. Cisco Lumin. PIX. battery-backed 256MB cache 1x2 Dual Core Intel Xeon 500 gB RAID 1. Cisco TelePresence. etherSwitch. The Fastest Way to Increase Your Internet Quotient. and Learn and Cisco Store are service marks. Aironet. centralized reporting and centralized tracking. 100/240 volts Cisco ironport m660 19” Rack-Mountable.5” (h) x 17. the IronPort logo. call 650-989-6530 or visit us on the web at www. All other trademarks mentioned in this document or website are the property of their respective owners. MeetingPlace Chime Sound. IOS. MediaTone. ProConnect. LightStream. the Cisco logo.ironport. 1U rack height 1. these appliances simplify administrative overhead and allow organizations to respond to governance and compliance requirements.8 TB RAID 10. Memory. CCDA. and the Webex logo are registered trademarks of Cisco Systems. 100/240 volts Cisco ironport m160 19” Rack-Mountable. phone numbers. Inc. Cisco StadiumVision. FormShare. Inc.5” (w) x 29. CCVP. Internet Quotient. the Cisco Systems logo. Cisco. and Disks CPUs 2x4 (Quad Cores) Intel Xeon Disk Space 3 TB RAID RAID 10. iPhone. The Cisco IronPort M-Series security management appliance. The Netherlands Cisco has more than 200 offices worldwide. americas headquarters Cisco Systems. AsyncOS. Spectrum expert. CCNP. event Center.5” (d) 750 watts. and Welcome to the Human Network are trademarks. CCDe. PowerPanels. Addresses. Webex. Cisco Webex. Cisco Systems. Play. CCDP. the Cisco Certified Internetwork expert logo. PCNow. CCNA. Catalyst. San Jose. SMARTnet. CCSP. Network Changing the Way We Work. Live. 100/240 volts Processor. combined with Sawmill for Cisco IronPort. Cisco Unity. Cisco Systems Capital. Linksys. Follow Me Browsing. Cisco offers a free “Try Before You Buy” evaluation of the Cisco IronPort M-Series security management appliance.Cisco IronPort Web Security Appliance Management PA g e 5 t e C h n i C a l s p e C i f i C at i o n s Cisco ironport m1060 Chassis Form Factor Dimensions Power Supplies 19” Rack-Mountable. Cisco eos. Cisco IronPort S-Series appliances are the industry’s most comprehensive secure web gateway – providing best-in-class protection against webborne malware threats such as viruses. StackWise. Cisco IOS. battery-backed 256MB cache Interfaces ethernet Fiber Web Interface 2x4 (Quad Cores) Intel Xeon 1. RJ-45 No gUI-based (HTTP or HTTPS) Compatibility: Interfaces with all Cisco IronPort gateway security Bringing the Meeting To You. Fast Step. IronPort. 2U rack height 3. RJ-45 No gUI-based (HTTP or HTTPS) 2xgigabit NICs. spyware. Networkers. while also ensuring enterprise-class performance. Ltd. TransPath.5” (d) 345 watts.75” (h) x 17. Offering the benefits of Cisco’s industry-leading IronPort AsyncOS Singapore europe headquarters Cisco Systems International BV Amsterdam. 2U rack height 3. CCeNT. and/or its affiliates in the United States and certain other countries. Networking Academy. CA asia pacific headquarters Cisco Systems (USA) Pte. and fax numbers are listed on the Cisco website at www. battery-backed 256MB cache 3xgigabit NICs. ScriptShare. The use of the word partner does not imply a partnership relationship between Cisco and any other company. Cisco Nexus. MeetingPlace. DCe. summary The best place to control and protect against the risks posed by web traffic is right at the gateway. iQuick Study.5” (h) x 17. Trojans and botnets. provides a comprehensive platform for centralized management. RJ-45 Yes gUI-based (HTTP or HTTPS) 3xgigabit NICs. (0809R) P/N 435-0250-1 5/09 . CCIe. HomeLink. SenderBase.5” (w) x 29. For additional information. Collaboration Without Limitation. C o n ta C t u s Through a global sales force and reseller network. CCIP. etherFast. gigaDrive. and Access Registrar.5” (d) 750 watts.