You are on page 1of 5

Cisco IronPort Web Security Appliance Management

Complete visibility and Control a C r o s s t h e e n t i r e o r g a n i z at i o n

Security breaches caused by malware intrusions have made organizations worldwide into inadvertent newsmakers. Companies are also exposed to compliance and productivity risks associated with inappropriate web usage. To protect themselves against internal and external threats that affect the bottom-line, organizations invest in the industry’s leading web security appliance. Cisco® IronPort S-Series web security appliances enforce acceptable use and security policies to reduce non-compliance and regulatory risk and protect against web-based malware. To handle network complexity and high traffic volumes, organizations typically deploy multiple Cisco IronPort S-Series appliances. This creates a critical need to centrally manage policies and provide consolidated reporting data. Cisco IronPort M-Series security management appliances provide a platform to centrally manage policies for multiple Cisco IronPort web security appliances. Additionally, reporting capabilities on the Cisco IronPort S-Series provide insight into the organization. For further analysis, Sawmill for Cisco IronPort web security – a customized third-party analytics tool – allows organizations to centrally analyze and monitor malware threats and web usage. These management features enable organizations to perform complex tasks intuitively and extract the most value out of their web security investment.
the CisCo ironport differenCe

Cisco IronPort email and web security products are high-performance, easy-to-use and technically-innovative solutions, designed to secure organizations of all sizes. Purpose built for security and deployed at the gateway to protect the world’s most important networks, these products enable a powerful perimeter defense.

Leveraging the Cisco Security Intelligence Operations center and global threat correlation makes the Cisco IronPort line of appliances smarter and faster. This advanced technology enables organizations to improve their security and transparently protect users from the latest Internet threats.

To simplify security administration. URL filtering administrator and administrator Centralized Configuration Manager (ICCM). each log file contains a snapshot of the configuration which can be used to restore policy and other configuration settings in case of an unexpected failure. The new Configuration History Log feature generates logs whenever a change is committed. These policies can be pushed to all. This allows organizations to know who made a configuration change in order to satisfy compliance and governance requirements.Cisco IronPort Web Security Appliance Management PA g e 2 f e at u r e s • Role-based access control offers flexible pre-built Centralized policy configuration on the Cisco IronPort administrator roles including web administrator. reporting allows security operations. which allows a Cisco IronPort S-Series administrator to easily migrate to the Cisco IronPort M-Series appliance for centralized policy management. system or network failures. . agement appliance and apply them to multiple Cisco IronPort S-Series appliances. preventing any breaches. This provides an extra level of granularity in policy definition and deployment. Cisco ICCM ensures that acceptable use and security policies are enforced uniformly across the organization. Decryption Policies and Custom URL categories). • Configuration History Logs allow organizations to comply with governance requirements by keeping track of who made policy and configuration changes via a log file that is generated whenever a change is committed. administrators can centrally define all of their web the administrator can also create custom user roles for security policies from a single Cisco IronPort security mangreater flexibility. Using Cisco role. Cisco ICCM also offers role-based access control – enabling administrators to delegate policy administration to other roles within the organization. network operations. web policy M-Series appliances is provided by Cisco’s powerful IronPort administrator. The gUI is very similar to the Cisco IronPort web security appliance menu (including Identities. Should these roles not fulfill an organization’s needs. Cisco IronPort S-Series Cisco IronPort S-Series Cisco IronPort S-Series Policies NOT editable by Delegated Administrator Policies editable by Delegated Administrator Cisco IronPort M-Series Consistent policy application across geographic boundaries Delegated administration simplifies policy management Cisco ICCM offers the following features for centralized policy management: • gUI-based policy definition and deployment simplifies the task of creating web security policies and eliminates the complexity of writing scripts. or a subset of. Custom user roles based on LDAP • Delegated administration enables the management of a subset of policies by other administrators who have readwrite access to specific policies. Administrators can backup their web security policies using the Cisco IronPort M-Series to safeguard against device. Cisco IronPort web security appliances and monitor the deployed policies from a single page view. ICCM. Access Policies.

. Powerful drilldown capabilities enable security operators to track which machines are prone to malware attacks. and refine their acceptable use and security policies. Actionable and insightful reports allow organizations to perform trending. Top ‘N’ reports summarize information on the web traffic and security threats seen on the appliance. robustness and scalability capable of handling the needs of all enterprises. powerful drilldown reports – as well as the ability to search for a specific client – allow organizations to see specific threats on specific clients as well as associated web usage activity. This allows organizations to monitor situations that would expose them to liabilities. a customized third-party analytics tool. a robust hardware platform. Cisco IronPort AsyncOS delivers performance. In addition. Cisco IronPort S-Series appliances feature a rich set of reports that allow organizations to visualize security and web usage trends on the appliance itself. Powerful filters allow organizations to focus on the subject of interest. tracking. Cisco IronPort technology offers a complete reporting solution. any acceptable use policy violations can be tracked down to an individual IP or authenticated user. helps power the Cisco IronPort M-Series appliance. threat analysis and troubleshooting tasks. which may result in attacks. Security report for a specific Cisco IronPort S-Series appliance Sawmill for Cisco IronPort.Cisco IronPort Web Security Appliance Management PA g e 3 f e at u r e s ( C o n t i n u e d ) human resources and compliance staff to gain deep understanding of the security and compliance threats facing their organizations. starting with the Cisco IronPort S-Series web security appliances. based on Cisco’s industryleading IronPort AsyncOS operating system. Companies can even identify risky user behavior. helps organizations answer important questions such as: • Who visited unacceptable URL categories? • Within each URL category. which specific websites were visited and when? • Why is a particular user’s bandwidth usage soaring and which websites is that individual visiting? • Is the organization in compliance with various regulatory requirements? This valuable insight limits the liabilities of an organization and keeps costs associated with worker productivity and malware threats in check. Sawmill for Cisco IronPort. provides a rich set of pre-built reports for in-depth web usage and security threat analysis across all Cisco IronPort S-Series appliances in the organization. Cisco IronPort S-Series Security and Web Activity Summary report . Similarly.

Suggested for organizations with multiple gateway security appliances and thousands of users. The newly-introduced. productivity loss metrics and web usage trends. role-based access control organizations respond to governance and compliance and delegated administration features increase flexibility and requirements. business usage metrics. web security and security management product lines address issues faced by organizations ranging from small businesses to the global 2000. administrative overhead. administrators can use the Cisco The Configuration History Log feature on the Cisco IronPort IronPort M-Series for centralized policy management and M-Series can be used to create a trail of all configuration configuration updates for a group of Cisco IronPort S-Series changes. granularity for policy definition and deployment. This not only reduces liability.Cisco IronPort Web Security Appliance Management PA g e 4 benefits simplify administration Cisco IronPort security respond to governance and Compliance requirements management appliances simplify overall deployment of The centralized reporting and tracking features allow orgaCisco IronPort web security appliances. Cisco ironport m1060 Cisco ironport m660 Cisco ironport m160 Consolidated management appliance designed to meet the needs of the most demanding networks in the world. f e at u r e ava i l a b i l i t y m at r i x Feature Interactive Drill-Down Reporting Acceptable Use Policy and Malware Reporting Centralized Policy Administration Role-Based Access Control Delegated Administration Policy Configuration Backup and Restore Available On Cisco IronPort S-Series* Cisco IronPort S-Series* Cisco IronPort M-Series Cisco IronPort M-Series Cisco IronPort M-Series Cisco IronPort M-Series * Fine-grained analysis and centralized reporting available via Sawmill for Cisco IronPort. gain organizational insight Powerful reporting gives CXOs visibility into web usage – including URL browsing history.000 users. but also helps appliances. produCt line The Cisco IronPort email security. This powerful tool assists with business productivity optimization by fine tuning web usage policies. Designed for organizations with multiple gateway security appliances and less than 2. . To reduce nizations to keep tight control of acceptable use policies.

Spectrum expert. gigaDrive. The Netherlands Cisco has more than 200 offices worldwide. Aironet.5” (d) 750 watts.5” (w) x 29. CCeNT. Cisco Press. Cisco Nexus. Networking Academy. PowerPanels. Inc. CA asia pacific headquarters Cisco Systems (USA) Pte. MgX. CCVP. Cisco Unity. Cisco Systems Capital. AsyncOS. Play. Cisco Systems. RJ-45 No gUI-based (HTTP or HTTPS) 2xgigabit NICs. Ltd. centralized reporting and centralized tracking. The Cisco IronPort M-Series security management appliance. and the Webex logo are registered trademarks of Cisco Systems. ProConnect.com/go/offices. and Learn and Cisco Store are service marks. FormShare. and/or its affiliates in the United States and certain other countries. 2U rack height 3. these appliances simplify administrative overhead and allow organizations to respond to governance and compliance requirements. etherFast. PIX. CCDA. ScriptShare.Cisco IronPort Web Security Appliance Management PA g e 5 t e C h n i C a l s p e C i f i C at i o n s Cisco ironport m1060 Chassis Form Factor Dimensions Power Supplies 19” Rack-Mountable. Memory. RJ-45 Yes gUI-based (HTTP or HTTPS) 3xgigabit NICs. SenderBase. CCNA. summary The best place to control and protect against the risks posed by web traffic is right at the gateway. CCNP. For additional information. 100/240 volts Cisco ironport m160 19” Rack-Mountable. battery-backed 256MB cache 1x2 Dual Core Intel Xeon 500 gB RAID 1.8 TB RAID 10. while also ensuring enterprise-class performance. CCDP. StackWise. Bringing the Meeting To You. spyware. the Cisco Systems logo.5” (w) x 29. Offering the benefits of Cisco’s industry-leading IronPort AsyncOS platform. MeetingPlace Chime Sound. and Welcome to the Human Network are trademarks. etherSwitch. and Disks CPUs 2x4 (Quad Cores) Intel Xeon Disk Space 3 TB RAID RAID 10.cisco. americas headquarters Cisco Systems. combined with Sawmill for Cisco IronPort. Cisco IronPort S-Series appliances are the industry’s most comprehensive secure web gateway – providing best-in-class protection against webborne malware threats such as viruses.5” (h) x 17. Inc. Follow Me Browsing.5” (h) x 17. The use of the word partner does not imply a partnership relationship between Cisco and any other company. LightStream. Cisco. IOS. the IronPort logo. 100/240 volts Cisco ironport m660 19” Rack-Mountable. Changing the Way We Work. Catalyst. battery-backed 256MB cache 3xgigabit NICs. MediaTone. 100/240 volts Processor. (0809R) P/N 435-0250-1 5/09 .5” (d) 750 watts. Linksys. call 650-989-6530 or visit us on the web at www. Live. PCNow. event Center. CCIe. Cisco TelePresence. Cisco offers a free “Try Before You Buy” evaluation of the Cisco IronPort M-Series security management appliance. Internet Quotient. HomeLink. the Cisco logo. 2U rack height 3. Cisco eos. Cisco Lumin. DCe. C o n ta C t u s Through a global sales force and reseller network.75” (h) x 17.5” (d) 345 watts. Cisco StadiumVision. Network Registrar.5” (w) x 21. SMARTnet. 1U rack height 1. Fast Step. and Access Registrar. Trojans and botnets.com/try. battery-backed 256MB cache Interfaces ethernet Fiber Web Interface 2x4 (Quad Cores) Intel Xeon 1. All other trademarks mentioned in this document or website are the property of their respective owners. MeetingPlace. IronPort. phone numbers. RJ-45 No gUI-based (HTTP or HTTPS) Compatibility: Interfaces with all Cisco IronPort gateway security appliances. TransPath. San Jose. CCSP. CCDe.ironport. the Cisco Certified Internetwork expert logo. Cisco IOS. The Fastest Way to Increase Your Internet Quotient. provides a comprehensive platform for centralized management. Webex. and fax numbers are listed on the Cisco website at www. Singapore europe headquarters Cisco Systems International BV Amsterdam. Addresses. Cisco Webex. Networkers. CCIP. Collaboration Without Limitation. iPhone. iQuick Study.