SWSA: Securing the Web with Cisco Web Security Appliance

Learn how to implement, use, and maintain a Cisco® Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you’ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution’s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.


Individuals involved in the deployment, installation and administration of a Cisco Web Security Appliance.


Attendees should meet the following prerequisites:

  • TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS
  • IP routing

You are expected to have one or more of the following basic technical competencies or equivalent knowledge:

  • Cisco CCNA certification
  • Relevant industry certification (ISC)2, (CompTIA) Security+, EC-Council, GIAC, ISACA
  • Windows expertise

Course objectives

After completing this course you should be able to:

  • Describe Cisco WSA
  • Deploy proxy services
  • Utilize authentication
  • Describe decryption policies to control HTTPS traffic
  • Understand differentiated traffic access policies and identification profiles
  • Enforce acceptable use control settings
  • Defend against malware
  • Describe data security and data loss prevention
  • Perform administration and troubleshooting

Course content

Describing Cisco WSA
Deploying Proxy Services
Utilizing Authentication
Creating Decryption Policies to Control HTTPS Traffic
Understanding Differentiated Traffic Access Policies and Identification Profiles
Defending Against Malware
Enforcing Acceptable Use Control Settings
Data Security and Data Loss Prevention
Performing Administration and Troubleshooting

Lab 1: Configure the Cisco Web Security Appliance
Lab 2: Deploy Proxy Services
Lab 3: Configure Proxy Authentication
Lab 4: Configure HTTPS Inspection
Lab 5: Create and Enforce a Time/Date-Based Acceptable Use Policy
Lab 6: Configure Advanced Malware Protection
Lab 7: Configure Referrer Header Exceptions
Lab 8: Utilize Third-Party Security Feeds and MS Office 365 External Feed
Lab 9: Validate an Intermediate Certificate
Lab 10: View Reporting Services and Web Tracking
Lab 11: Perform Centralized Cisco AsyncOS Software Upgrade Using Cisco SMA


This course helps you prepare to take exam 300-725 SWSA 

Exam 300-725 is one of the concentration exams for the CCNP Security Certification. To obtain the CCNP Security Certification you will also need to take the 300-701 SCOR exam.

Passing the 300-725 exam will also provide you with the Cisco Certified Specialist - Web Content Security.