Name: Cisco ASA 5506-X
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

8-6

Cisco ASA Series Firewall CLI Configuration Guide

Chapter 8 ASA and Cisco Cloud Web Security

Configure Cisco Cloud Web Security

Before you configure Cloud Web Security, obtain a license and the addresses of the proxy servers you

will use. Also, generate your authentication keys. Learn more about at Cloud Web Security

http://www.cisco.com/go/cloudwebsecurity.

Use the following process to configure the ASA to redirect web traffic to Cloud Web Security.

Before You Begin

If you want to send user identity information to Cloud Web Security, configure one of the following on

the ASA:

• Identity firewall (username and group).

• AAA rules (username only)—See the legacy feature guide.

If you want to use fully-qualified domain names (FQDN), such as www.example.com, you must

configure a DNS server for the ASA.

Procedure

Step 1 Configure Communications with the Cloud Web Security Proxy Server, page 8-6.

Step 2 (Optional.) Identify Whitelisted Traffic, page 8-8.

Step 3 Configure a Service Policy to Send Traffic to Cloud Web Security, page 8-9.

Step 4 (Optional.) Configure the User Identity Monitor, page 8-13

Step 5 Configure the Cloud Web Security Policy, page 8-14.

Configure Communications with the Cloud Web Security Proxy Server

You must identify the Cloud Web Security proxy servers so that user web requests can be redirected

properly.

In multiple context mode, you must configure the proxy servers in the system context, then enable Cloud

Web Security per context. Thus, you can use the service in some contexts but not in others.

Before You Begin

• You must configure a DNS server for the ASA to use fully-qualified domain names for the proxy

servers.

• (Multiple context mode.) You must configure a route pointing to the Cloud Web Security proxy

servers in both the system context and the specific contexts. This ensures that the Cloud Web

Security proxy servers do not become unreachable in the Active/Active failover scenario.

Procedure

Step 1 Enter ScanSafe general-options configuration mode. In multiple context mode, do this in the system

context.

scansafe general-options

Example

Other manuals for Cisco ASA 5506-X

Quick Start Guide14 pages

Easy Setup Guide11 pages

Installation Guide46 pages

Software Guide37 pages

Hardware Installation Guide52 pages

Mount And Connect12 pages

Mount The Chassis10 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco ASA 5506-X and is the answer not in the manual?

Cisco ASA 5506-X Specifications

General

Model	ASA 5506-X
Firewall Throughput	750 Mbps
Maximum Firewall Connections	50, 000
Maximum VPN Peers	50
Integrated Ports	8 x 1 GE
Stateful Inspection Throughput	750 Mbps
Weight	4.4 lb (2 kg)
Firewall Throughput (Multiprotocol)	750 Mbps
Firewall Throughput (Application Visibility and Control AVC)	250 Mbps
Concurrent Sessions	50, 000
New Connections per Second	10, 000
IPsec VPN Throughput	100 Mbps
Interfaces	8 x 1 GE
Memory	4 GB
Flash Memory	8 GB
Form Factor	Desktop
VPN Throughput	100 Mbps
Maximum Concurrent Sessions	50, 000
New Sessions per Second	10, 000
Operating Temperature	32 to 104°F (0 to 40°C)
Storage Temperature	-13 to 158°F (-25 to 70°C)
Power Supply	External
Humidity	10% to 90% non-condensing