I'm currently a customer of another product and am researching WSA as an alternative. However, I'm finding that some of the Malicious urls that my current system is blocking, comes up as not categorized in WSA.
Does anyone have any experience between the effectiveness with WSA vs others?
I'm an employee, not a customer, so I can't comment on my experience as a customer. But I wanted to suggest that you mention which version of AsyncOS for Web you're using. And if you're using version 6.3 or later, then you should also mention which URL filtering engine you're using.
In version 6.3, Cisco IronPort introduced the new Cisco IronPort Web Usage Controls that has a new URL filtering engine. It also includes the Dynamic Content Analysis engine which can categorize pages on the fly, based on the response content. The DCA categorizes some categories better than others, so how much that would help your uncategorized URLs will depend on what type they tend to be. If you want more information on Web Usage Controls, contact your sales rep or VAR.
URL filtering is for acceptable use enforcement. Hence you won't see malicious URLs categorized in URL filtering categories. For security, the WSA provides multiple layers of defense. The malicious URLs and content are identified and blocked using Web Reputation Filters, AV Signatures scanning with multiple signature sets in parallel and using L4TM, the layer 4 traffic monitor across all ports to block internal traffic reaching out to malicious destinations.
In a nutshell, URL filtering works great for enforcing acceptable use policies, but for security web reputation works much better due to its wider coverage and proactive nature.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...