Cisco IronPort Web Security Appliance Management
Complete visibility and Control a C r o s s t h e e n t i r e o r g a n i z at i o n
Security breaches caused by malware intrusions have made organizations worldwide into inadvertent newsmakers. Companies are also exposed to compliance and productivity risks associated with inappropriate web usage. To protect themselves against internal and external threats that affect the bottom-line, organizations invest in the industry’s leading web security appliance. Cisco® IronPort S-Series web security appliances enforce acceptable use and security policies to reduce non-compliance and regulatory risk and protect against web-based malware. To handle network complexity and high traffic volumes, organizations typically deploy multiple Cisco IronPort S-Series appliances. This creates a critical need to centrally manage policies and provide consolidated reporting data. Cisco IronPort M-Series security management appliances provide a platform to centrally manage policies for multiple Cisco IronPort web security appliances. Additionally, reporting capabilities on the Cisco IronPort S-Series provide insight into the organization. For further analysis, Sawmill for Cisco IronPort web security – a customized third-party analytics tool – allows organizations to centrally analyze and monitor malware threats and web usage. These management features enable organizations to perform complex tasks intuitively and extract the most value out of their web security investment.
the CisCo ironport differenCe
Cisco IronPort email and web security products are high-performance, easy-to-use and technically-innovative solutions, designed to secure organizations of all sizes. Purpose built for security and deployed at the gateway to protect the world’s most important networks, these products enable a powerful perimeter defense.
Leveraging the Cisco Security Intelligence Operations center and global threat correlation makes the Cisco IronPort line of appliances smarter and faster. This advanced technology enables organizations to improve their security and transparently protect users from the latest Internet threats.
web policy M-Series appliances is provided by Cisco’s powerful IronPort administrator.
Custom user roles based on LDAP
• Delegated administration enables the management of a subset of policies by other administrators who have readwrite access to specific policies. administrators can centrally define all of their web the administrator can also create custom user roles for security policies from a single Cisco IronPort security mangreater flexibility. or a subset of. ICCM.Cisco IronPort Web Security Appliance Management
PA g e 2
f e at u r e s
• Role-based access control offers flexible pre-built Centralized policy configuration on the Cisco IronPort administrator roles including web administrator.
. network operations. preventing any breaches. The gUI is very similar to the Cisco IronPort web security appliance menu (including Identities.
• Configuration History Logs allow organizations to comply with governance requirements by keeping track of who made policy and configuration changes via a log file that is generated whenever a change is committed. Access Policies. which allows a Cisco IronPort S-Series administrator to easily migrate to the Cisco IronPort M-Series appliance for centralized policy management. agement appliance and apply them to multiple Cisco IronPort S-Series appliances.
Cisco IronPort S-Series
Cisco IronPort S-Series
Cisco IronPort S-Series
Policies NOT editable by Delegated Administrator Policies editable by Delegated Administrator
Cisco IronPort M-Series Consistent policy application across geographic boundaries Delegated administration simplifies policy management
Cisco ICCM offers the following features for centralized policy management: • gUI-based policy definition and deployment simplifies the task of creating web security policies and eliminates the complexity of writing scripts. These policies can be pushed to all. Administrators can backup their web security policies using the Cisco IronPort M-Series to safeguard against device. Decryption Policies and Custom URL categories). This provides an extra level of granularity in policy definition and deployment. system or network failures. Cisco ICCM also offers role-based access control – enabling administrators to delegate policy administration to other roles within the organization. The new Configuration History Log feature generates logs whenever a change is committed. Cisco IronPort web security appliances and monitor the deployed policies from a single page view. Using Cisco role.
reporting allows security operations. Cisco ICCM ensures that acceptable use and security policies are enforced uniformly across the organization. each log file contains a snapshot of the configuration which can be used to restore policy and other configuration settings in case of an unexpected failure. This allows organizations to know who made a configuration change in order to satisfy compliance and governance requirements. Should these roles not fulfill an organization’s needs. To simplify security administration. URL filtering administrator and administrator Centralized Configuration Manager (ICCM).
Cisco IronPort S-Series Security and Web Activity Summary report
. Cisco IronPort AsyncOS delivers performance.. powerful drilldown reports – as well as the ability to search for a specific client – allow organizations to see specific threats on specific clients as well as associated web usage activity.Cisco IronPort Web Security Appliance Management
PA g e 3
f e at u r e s ( C o n t i n u e d )
human resources and compliance staff to gain deep understanding of the security and compliance threats facing their organizations. Powerful filters allow organizations to focus on the subject of interest. provides a rich set of pre-built reports for in-depth web usage and security threat analysis across all Cisco IronPort S-Series appliances in the organization. and refine their acceptable use and security policies.
Security report for a specific Cisco IronPort S-Series appliance
Sawmill for Cisco IronPort. Companies can even identify risky user behavior. threat analysis and troubleshooting tasks. which may result in attacks. Cisco IronPort S-Series appliances feature a rich set of reports that allow organizations to visualize security and web usage trends on the appliance itself. starting with the Cisco IronPort S-Series web security appliances. any acceptable use policy violations can be tracked down to an individual IP or authenticated user. Actionable and insightful reports allow organizations to perform trending. Top ‘N’ reports summarize information on the web traffic and security threats seen on the appliance. Similarly. robustness and scalability capable of handling the needs of all enterprises. based on Cisco’s industryleading IronPort AsyncOS operating system. This allows organizations to monitor situations that would expose them to liabilities. helps power the Cisco IronPort M-Series appliance. a robust hardware platform. tracking. Cisco IronPort technology offers a complete reporting solution. In addition. helps organizations answer important questions such as: • Who visited unacceptable URL categories? • Within each URL category. Powerful drilldown capabilities enable security operators to track which machines are prone to malware attacks. Sawmill for Cisco IronPort. a customized third-party analytics tool. which specific websites were visited and when? • Why is a particular user’s bandwidth usage soaring and which websites is that individual visiting? • Is the organization in compliance with various regulatory requirements? This valuable insight limits the liabilities of an organization and keeps costs associated with worker productivity and malware threats in check.
Designed for organizations with multiple gateway security appliances and less than 2. The newly-introduced. gain organizational insight Powerful reporting gives CXOs visibility into web usage – including URL browsing history.
.000 users. productivity loss metrics and web usage trends. administrative overhead. role-based access control organizations respond to governance and compliance and delegated administration features increase flexibility and requirements.Cisco IronPort Web Security Appliance Management
PA g e 4
simplify administration Cisco IronPort security respond to governance and Compliance requirements management appliances simplify overall deployment of The centralized reporting and tracking features allow orgaCisco IronPort web security appliances. This powerful tool assists with business productivity optimization by fine tuning web usage policies. but also helps appliances. web security and security management product lines address issues faced by organizations ranging from small businesses to the global 2000. granularity for policy definition and deployment. This not only reduces liability. business usage metrics.
The Cisco IronPort email security. Suggested for organizations with multiple gateway security appliances and thousands of users. administrators can use the Cisco The Configuration History Log feature on the Cisco IronPort IronPort M-Series for centralized policy management and M-Series can be used to create a trail of all configuration configuration updates for a group of Cisco IronPort S-Series changes.
f e at u r e ava i l a b i l i t y m at r i x Feature Interactive Drill-Down Reporting Acceptable Use Policy and Malware Reporting Centralized Policy Administration Role-Based Access Control Delegated Administration Policy Configuration Backup and Restore Available On Cisco IronPort S-Series* Cisco IronPort S-Series* Cisco IronPort M-Series Cisco IronPort M-Series Cisco IronPort M-Series Cisco IronPort M-Series
* Fine-grained analysis and centralized reporting available via Sawmill for Cisco IronPort. Cisco ironport m1060 Cisco ironport m660 Cisco ironport m160 Consolidated management appliance designed to meet the needs of the most demanding networks in the world. To reduce nizations to keep tight control of acceptable use policies.
PCNow. battery-backed 256MB cache
3xgigabit NICs. CCNP.5” (d) 750 watts.5” (h) x 17. All other trademarks mentioned in this document or website are the property of their respective owners.5” (h) x 17. TransPath.ironport. combined with Sawmill for Cisco IronPort. Offering the benefits of Cisco’s industry-leading IronPort AsyncOS platform. CCSP. Cisco Lumin.8 TB RAID 10. Networkers. and the Webex logo are registered trademarks of Cisco Systems. and Disks CPUs 2x4 (Quad Cores) Intel Xeon Disk Space 3 TB RAID RAID 10. San Jose. Cisco offers a free “Try Before You Buy” evaluation of the Cisco IronPort M-Series security management appliance. call 650-989-6530 or visit us on the web at www. Networking Academy. MeetingPlace Chime Sound. SMARTnet. 100/240 volts
Processor.5” (w) x 29. Cisco StadiumVision. iPhone. (0809R)
P/N 435-0250-1 5/09
. Cisco IOS. Cisco Press. Changing the Way We Work. the IronPort logo. Linksys.cisco. gigaDrive. spyware. etherSwitch. Cisco Nexus. IOS. SenderBase. MeetingPlace.5” (d) 750 watts. Cisco Unity. AsyncOS.5” (d) 345 watts.
C o n ta C t u s
Through a global sales force and reseller network. Aironet. battery-backed 256MB cache
1x2 Dual Core Intel Xeon 500 gB RAID 1. 2U rack height 3. StackWise.5” (w) x 21. DCe. IronPort. CCDP. Cisco. CCDA. 100/240 volts
Cisco ironport m160
19” Rack-Mountable. 2U rack height 3. RJ-45 No gUI-based (HTTP or HTTPS)
2xgigabit NICs. and Learn and Cisco Store are service marks.75” (h) x 17. Catalyst. Webex. ProConnect. Inc. RJ-45 Yes gUI-based (HTTP or HTTPS)
The best place to control and protect against the risks posed by web traffic is right at the gateway. and Access Registrar.
americas headquarters Cisco Systems. Singapore
europe headquarters Cisco Systems International BV Amsterdam. etherFast. LightStream. PowerPanels. RJ-45 No gUI-based (HTTP or HTTPS)
Compatibility: Interfaces with all Cisco IronPort gateway security appliances. For additional information. Memory. CCVP. HomeLink. CA
asia pacific headquarters Cisco Systems (USA) Pte. Addresses. The Netherlands
Cisco has more than 200 offices worldwide. FormShare.5” (w) x 29. while also ensuring enterprise-class performance. the Cisco logo. 100/240 volts
Cisco ironport m660
19” Rack-Mountable. Collaboration Without Limitation. Ltd. and Welcome to the Human Network are trademarks. the Cisco Systems logo. Bringing the Meeting To You. The Cisco IronPort M-Series security management appliance. CCeNT. MgX. Cisco Webex.Cisco IronPort Web Security Appliance Management
PA g e 5
t e C h n i C a l s p e C i f i C at i o n s
Cisco ironport m1060
Chassis Form Factor Dimensions Power Supplies 19” Rack-Mountable. CCNA. these appliances simplify administrative overhead and allow organizations to respond to governance and compliance requirements. phone numbers. Cisco IronPort S-Series appliances are the industry’s most comprehensive secure web gateway – providing best-in-class protection against webborne malware threats such as viruses. event Center. Live. the Cisco Certified Internetwork expert logo. centralized reporting and centralized tracking. ScriptShare. CCIP. and/or its affiliates in the United States and certain other countries. Fast Step. battery-backed 256MB cache Interfaces ethernet Fiber Web Interface
2x4 (Quad Cores) Intel Xeon 1. Trojans and botnets. PIX. The use of the word partner does not imply a partnership relationship between Cisco and any other company. Spectrum expert. Internet Quotient. Play. Cisco Systems Capital. Cisco TelePresence.com/try. iQuick Study. Inc. Cisco Systems. provides a comprehensive platform for centralized management. MediaTone. Cisco eos.
CCDe. Follow Me Browsing. The Fastest Way to Increase Your Internet Quotient. Network Registrar. CCIe. and fax numbers are listed on the Cisco website at www. 1U rack height 1.