Cisco Cloud Web Security or CWS as its known is a cloud based security offering from Cisco. CWS provides comprehensive defense, advanced threat protection and superior flexibility for organizations small and large. To enforce security, Internet traffic is redirected from the branch office location using either an existing Cisco infrastructure, such as the venerable Cisco ASA or multifunctional ISR series router. Alternatively, a host side proxy or agent software can also be deployed. CWS can even be bundled with the widely popular Cisco AnyConnect VPN software, making the “cloud attach” security deployment simple and flexible.
Once deployed, user web requests pass through a series of checks before being permitted. As discussed here, we see the Cisco security model of Before, During and After come into the mix as we inspect the user’s traffic while enforcing the organization’s acceptable use and web content policies. Using techniques such as IP and web reputation, Anti-Malware, File reputation and Sandboxing, CWS scrubs the user requests for malware or connections to malicious or blocked domains before passing the connection back to the user. Global threat intelligence is shared with the Cisco TALOS team, identifying emerging threats quickly and making them known to the larger community so access to malicious sites can be promptly blocked.
CWS is a perfect fit for companies where access to the Internet is distributed, and the work force is highly mobile. By using traffic redirection for local clients, like virtual desktops and desktop PCs which typically don’t leave the building along with agent software, web security and content filtering can be enforced for users when they roam off of the corporate network without first requiring that the user be connected to the corporate VPN.
For organizations with a more traditional centralized network perimeter with a single Internet connection or firewall, Cisco WSA or Web Security Appliance may be more of a natural fit. Including all of the security features from CWS, the WSA adds local caching for web-content and integration with local DLP, both solutions offer SSL decryption and user based reporting. To learn more about Cisco Web Security visit http://www.cisco.com/go/cws or reach out to a dedicated Focus Representative today for more information. (617) 938-6200 or email@example.com