If CX is not there then how the WSA will work?.

If so then what is the difference between CX & WSA.

I am in confusion that if CX should be available on the box then only the WSA will work.

Please provide the links where I can get more details .

Thanks & Regards

Lakshman Kumar S

There is a session on ciscolive365 that has some slides that show the differences:

https://ciscolive365.com/connect/sessionDetail.ww?SESSION_ID=7927&backBtn=true

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

Have you a link for that? I'm only aware of reputation-based filtering but not on true malware-scanning. And I don't find anything on the topic.

And the WSA does Anti-Virus filtering. It has the Scan-Engine from Sophos and optionally from McAffee.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni

I don't have an official link. I upgraded to the latest CX this week and one of the new features is a malware engine. If you like I can give you a screenshot.

Lakshman- The main difference between CX and WSA is that the CX can dig deeper into a packet and see what it's doing (Facebook games, Facebook posting, Facebook videos). The CX can also inspect traffic on non-standard web ports, where as (AFAIK) WSA can only look at TCP 80 and 443.

Hi Karsten,

Malware protection in the Next Generation Firewall (NGFW = how Cisco is now banding the CX) is under the auspices of Web Reputation Filtering. See this section of the 9.2 user guide.

I would sort of agree with Colin in that edge-only AV protection is not very useful. A more holistic approach like what Sourcefire does with FireAMP on clients plus the firewall-side piece of that solution is actually a pretty nice approach. We can hope to see more of that technology in the Cisco-branded products going forward now that the Sourcefire acquisition has closed.