Data Sheet

Cisco IronPort S-Series Web Security Appliances

Introduction
The way that we work has gone through a fundamental shift. Applications and communications tools have moved
to the web, and social media has emerged as a way to boost business revenues. Today, more than ever, the web
is the instrumental business tool. Workers use multiple devices to access corporate data and to work both inside
and outside the corporate network.

Cisco IronPort S-Series Web Security Appliances offer control, security, and visibility into web usage and threats.
This single-appliance solution allows businesses to take advantage of the new web landscape without sacrificing
security.

Security
The Cisco IronPort S-Series multilayer security architecture incorporates Cisco IronPort Web Reputation Filters
and antimalware to prevent both known and zero-day threats.

Web reputation filters use the analysis of more than 200 different web traffic and network parameters to accurately
determine the trustworthiness of a URL or address. Pattern-based assessment and per-object scanning enables
protection from botnets and exploit filtering.

Multiple antimalware engines follow with bidirectional content scanning. Cisco offers the choice of Sophos,
Webroot, and McAfee to prevent known threats from reaching your end users.

In addition, Cisco IronPort S-Series Web Security Appliances are powered by Cisco Security Intelligence
Operations (SIO), an advanced security infrastructure that provides threat detection, correlation, and mitigation
across the widest range of data, encompassing network, content, and endpoint security threats. Cisco SIO tracks
more than 40,000 vulnerabilities and collects and correlates traffic data-about 500 GB is processed daily-from
nearly every publicly routable IP address on the Internet. Every day, more than 3,300 IPS signatures are produced
and over 8 million rules are pushed out by Cisco SIO.

Control
Cisco IronPort Web Usage Controls provide protection against unwanted content entering the network, as well as
visibility into web use violations. A combination of web content classification, real-time dynamic categorization,
and web application control gives administrators the ability to control, at a granular level, the activities of their end
users - from blocking inappropriate content to preventing the use of functionality within a web application such as
Facebook.

This control extends down to the feature level within web applications; for example, allowing access to Facebook
but throttling all streaming media or allowing access to instant messaging but blocking file transfer. Control is
further extended out to public cloud applications such as salesforce.com or Google Apps, by offering a centralized
method of authenticating users. With this approach it is possible to have a single, central point of control and
revocation for access control to enterprise SaaS applications.

2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 1
 Secure Mobility
With the rapidly growing trend of using mobile devices to access corporate assets and the increase in the number
of mobile workers, extending policy and security beyond office boundaries is essential. Cisco IronPort S-Series

Web Security Appliances enable secure mobility through integration with the Cisco AnyConnect client and

Cisco ASA firewalls. Secure mobility enables mobile workers to seamlessly access the tools they need to work
productively while allowing administrators to enforce policy and security for mobile devices and users regardless
of their location.

Visibility
Knowing exactly what is happening across your entire user base is critical to understanding your security posture,
monitoring policies, and using actionable data to make policy enhancements. On-box reporting offers insight into
web activity and security, with information ranging from high-level trends to transaction-level detail. Organizations
can use these reports to understand business trends, measure productivity, analyze security threats, and plan for
the future.

The Cisco M-Series Security Management Appliance offers centralized reporting and management for multiple
Cisco S-Series Web Security Appliances.

Product Line
The Cisco IronPort web security product line address issues faced by organizations ranging from small
businesses to the Global 2000.

Cisco IronPort Web Security Appliance S670: Designed for organizations with more than 10,000 users.
Cisco IronPort Web Security Appliance S370: Designed for organizations with 2,000 to 10,000 users.
Cisco IronPort Web Security Appliance S170: Designed for small businesses and organizations with up
to 2,000 users.

Table 1. Specifications for Cisco IronPort S-Series Web Security Appliances

Cisco IronPort S670 Cisco IronPort S370 Cisco IronPort S170

Chassis

Form Factor 2U 2U 1U

Dimensions 3.5 (h) x 17.5 x 26.8 (d) 3.5 (h) x 17.5 x 26.8 (d) 1.67 (h) x 16.9 x 15.5 (d)

Total Weight (lbs) 57.5 57.5 26.96

Power Supply 870 watts, 100/240V 870 watts, 100/240V 400 watts, 100/240V

Redundant Power Supply Yes Yes No

Processor, Memory and Disks

CPUs 2x4 (2 Quad Cores) 1x4 (1 Quad Core) 1x2 (1 Dual Core)

Memory 8 GB 4 GB 4GB
* *
Disk Space & Count 2.7 TB (450 6) 900GB (450 2) 500GB (250 * 2)

Hot Swappable Hard Disk Yes Yes Yes

RAID Level & Controller RAID 10, Hardware RAID 10, Hardware RAID 1, Software

2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 2 of 4
 Cisco IronPort S670 Cisco IronPort S370 Cisco IronPort S170

Interfaces

Ethernet 5 Gigabit NICs, RJ-45 5 Gigabit NICs, RJ-45 5 Gigabit NICs, RJ-45

Serial 1xRS-232 (DB-9), Serial 1xRS-232 (DB-9), Serial 1xRS-232 (RJ-45)

Fiber Optional No No

USB 0 0 2

Configuration Logging and Monitoring

Web Interface GUI-based (HTTPS) GUI-based (HTTPS) GUI-based (HTTPS)

Command Line Interface SSH or Telnet (command-based) SSH or Telnet (command-based) SSH or Telnet (command-based)

Logging Squid, Apache, Syslog, W3C Squid, Apache, Syslog, W3C Squid, Apache, Syslog, W3C

Centralized Reporting Supported Supported Supported

File Transfer SCP FTP SCP FTP SCP, FTP

Configuration Files XML-based XML-based XML-based

Centralized Configuration Supported Supported Supported

Monitoring SNMPv1-3, email alerts SNMPv1-3, email alerts SNMPv1-3, email alerts

Environmental Operating Ranges

Toal Current (A) 4 2.5 4.85 (max)

Input Voltage (V) 100 to 240 VAC 100 to 240 VAC 100 to 240 VAC

Operating Power (W) 427.1 267.3 400W (max)

Total Heat Dissipation (BTU/hr) 1928.5 1471 432.6

Leakage Current (mA) 3.5 3.5 3.5

Fan Exhaust Volume (CFM) 43.1 37.4 Idle at 24C: 12.3

Full fan speed: 34.4

Ambience Noise (Bels) 6.3 6.1 Idle: 41.3 dBa

Stress: 64.2 dBa max.

Effective MTBF (Hours) 94400 94400 107356

Operating

Temperature (C) 10C to 35C 10C to 35C -5C to 45C

Relative Humidity (%) 20% to 80% (noncondensing) 20% to 80% (noncondensing) 10% to 90% (Condensing)

Altitude (m) 3048 3048 3000

Vibration 0.26 Grms at 5-350Hz 0.26 Grms at 5-350Hz 0.41Grms, at 3Hz-500Hz

Non - Operating

Temperature (C) -40C to 65C -40C to 65C -25C to 70C

Relative Humidity (%) 5% to 95% (noncondensing) 5% to 95% (noncondensing) 90% - +/-5%

Altitude (m) 10,600 10,600 4570

Vibration 1.54 Grms at 10-250Hz 1.54 Grms at 10-250Hz 1.12Grms at 3Hz-500Hz

Industry Certifications

RoHS Yes Yes Yes

Other Certifications Safety:cULus, CB, CCC, BSMI

EMC:CE, FCC, VCCI, C-TICK, KC

2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 3 of 4
 Conclusion
A new type of security solution is required to securely enable the benefits of todays web landscape. The Cisco S-
Series Web Security Appliance pushes control to web applications and content while security is enhanced,
protecting against both known and zero-day malware and preventing already-infected endpoints from
communicating data out of the network.

This extended control and security is also available in a cloud form factor, allowing increased flexibility to utilize
either form factor or a hybrid combination as needed so that all users, inside and outside the network, are
protected, ensuring that your network is always secure, wherever your end users work.

Printed in USA C78-586408-03 12/11

2011 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 4 of 4