Introduction to the Secure Web Appliance

About Secure Web Appliance

Cisco Secure Web Appliance S196, S396, S696, and S696F helps organizations secure and control web traffic. This guide describes how to setup your appliances and use the System Setup Wizard to configure basic settings for the appliance. For information about how to configure appliance settings, see Deployment chapter in the AsyncOS for Cisco Secure Web Appliances User Guide.

Document Network Settings

Before you begin, write down the following information about your network and administrator settings.

Deployment Options

Web Proxy:

  • Transparent with L4

  • Switch Transparent with WCCP Router

  • Explicit Forward Proxy

L4 Traffic Monitor:

  • Simplex tap/Span port

  • Duplex tap/Span port

Network Context

Is there another proxy on the network:

Other Proxy IP Address:

Other Proxy Port:

Network Settings

Default System Hostname:

DNS Servers:

Use the Internet root DNS servers.

Use the DNS servers (maximum 3):

1.

2.

3.

Network Time Protocol (NTP) Server:

Time Zone Region:

Time Zone Country:

Time Zone GMT Offset:

Interface Settings

Management Port

IP Address:

Network Mask:

Hostname:

Data Port (Optional, see Note)

IP Address:

Network Mask:

Hostname:

Note

 

The Web Proxy can share the management interface. If configured separately, the Data interface IP address and the management interface IP address cannot share the same subnet.

Routes

Internal Routes for Management

Default Gateway:

Static Route Name:

Static Route Destination Network:

Static Route Gateway:

Internal Routes for Data

Default Gateway:

Static Route Name:

Static Route Destination Network:

Static Route Gateway:

Transparent Routing Device

Device Type:

  • Layer 4 Switch or No Device

  • WCCP Router

    – Enable standard service ID (web-cache).

    – Router Addresses:

    ———————

    – Enable router security.

    Password:

    ———————

Note

 

When you connect the appliance to a WCCP router, you might need to configure the Web Security appliance to create WCCP services after you run the System Setup Wizard.

Administrative Settings

Administrator Password:

Email System Alerts To:

SMTP Relay Host:

(Optional)

AutoSupport:

Enable

SenderBase Network Participation:

Enable

  • Limited

  • Standard

Security Services

L4 Traffic Monitor:

  • Monitor only

  • Block

Acceptable Use Controls:

Enable

  • Cisco IronPort Web Usage Controls

Web Reputation Filters:

Enable

Malware and Spyware Scanning:

  • Enable Webroot

  • Enable McAfee

  • Enable Sophos

Action for Detected Malware:

  • Monitor only

  • Block

IronPort Data Security Filtering:

Enable