Web security virtual appliance technical overview for ses
This presentation is the property of its rightful owner.
Sponsored Links
1 / 21

Web Security Virtual Appliance Technical Overview for SEs PowerPoint PPT Presentation


  • 416 Views
  • Uploaded on
  • Presentation posted in: General

Web Security Virtual Appliance Technical Overview for SEs. AsyncOS 7.7.5 for Web. January 7 , 2013. New Features in this Release Getting Set Up & Operating Your Virtual WSA(s) Q&A. Agenda. What is Penglai (AsyncOS 7.7.5 for Web)?. Virtual form factor of Web Security Appliance (WSA)

Download Presentation

Web Security Virtual Appliance Technical Overview for SEs

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Web security virtual appliance technical overview for ses

Web Security Virtual Appliance Technical Overview for SEs

AsyncOS 7.7.5 for Web

January 7, 2013


Agenda

New Features in this Release

Getting Set Up & Operating Your Virtual WSA(s)

Q&A

Agenda


What is penglai asyncos 7 7 5 for web

What is Penglai (AsyncOS 7.7.5 for Web)?

  • Virtual form factor of Web Security Appliance (WSA)

  • Functionally equivalent to a hardware WSA running Pikes Peak (AsyncOS 7.7.0). Major features in AsyncOS 7.7 are:

    • Multi-NTLM Forest Support

    • SOCKS proxy support

  • Plus benefits of running a VM:

    • One license (digital certificate), unlimited VMs

    • Self-service provisioning – you can provision & activate new VMs, fully loaded with your licensed feature keys, whenever you want

    • This beta program will be focused on testing the VM features only


Hypervisor hardware requirements

Hypervisor & Hardware Requirements

  • Hypervisor: VMware ESXi 4.x or 5.0

  • Hardware: Cisco UCS (officially supported), other vendors (best-effort support)

  • There are 3 standard VM images (corresponding to HW models in capacity). Allocate HW resources based on the VM image you download & the matrix below:


Four easy steps for setting up a virtual wsa

Four Easy Steps for Setting Up a Virtual WSA

  • Make sure the XML license that was emailed to you is ready

  • Download the VM

  • Unzip the VM & deploy it with vSphere

  • Run System Setup Wizard


Start by downloading the vm file

Start by Downloading the VM File

Download the VM file from the Cisco Software Download Center, under the Cisco Web Security Appliance.

  • Download the file for the model you want:

    • S000V: coeus-X-Y-X-070-S000V.zip

    • S100V: coeus-X-Y-X-070-S100V.zip

    • S300V: coeus-X-Y-X-070-S300V.zip

  • Zipped OVF (Open Virtualization Format)

  • Sample contents for S100V zip file:

    coeus-X-Y-X-070-S100V.zip

    • coeus-X-Y-X-070-S100V.ovf

    • coeus-X-Y-X-070-S100V-disk1.vmdk

    • coeus-X-Y-X-070-S100V.mf


Next deploy the vm

Next: Deploy the VM

Uncompress the zip file to a designated file path (e.g. C:\WSAV\S000V_pristine)

  • If you want to run multiple VMs, use vSphere’s native cloning capabilities or duplicate the zip directory. Cloning must be done before the appliance’s first run. You can also download a pristine image later if you want more VMs.

  • Follow the process below for each VM:

    • With a connected vSphere client, click to select the host or cluster you want to have the image deployed

    • Choose File-->Deploy OVF Template.

    • Enter the path of the OVF file, click Next

    • Follow the wizard to finish the deployment


Next load your license file

Next: Load Your License File

  • XML file – looks like picture here

  • Can be applied to multiple VMs (reusable)

    • Apply during System Setup Wizard for each VM

  • Has customer ID, feature keys (Web Reputation, Web Usage Controls, Antivirus signatures) & expiration date embedded

  • If you purchase new feature keys, a new license is issued

  • When license expires, all functionality stops – including proxy

    • You will receive multiple alerts as expiry is approaching


  • Next install the license file

    Next: Install the License File

    • From the console, note the IP address of the appliance

    • From SSH or telnet, login to the virtual appliance with admin/ironport

    • Enter loadlicense, then

      • Input the license file by pasting its contents and pressing Ctrl-D, OR

      • Load the license file that has been uploaded to the virtual appliance via FTP (covered in next slide)


    Loading the license via ftp or scp

    Loading the License via FTP or SCP

    • Use FTP to transfer license file to appliance:

      • ftp to appliance with admin/ironport

      • cd into directory configuration

      • putlicense.xml

      • exit

    • OR use SCP to copy license file to appliance:

      • scplicense.xml admin@<IP>:configuration


    Finishing setup after loading license file

    Finishing Setup After Loading License File

    • Read and agree to the EULA

    • Enter showlicense to view the license details

    • Log on to the web UI (http://<IP>:8080) and run the System Setup Wizard

    • You are now ready to import your configuration


    Importing your configuration

    Importing your Configuration

    If you are configuring your Virtual WSA from scratch,ignore this step

    • If you provided your config file for migration, you should have received a Config File for your Virtual WSA from the beta team

      • We will have an automated config migration tool available when we release

    • Copy the config file to your new WSAV (Virtual WSA):

      • [email protected]_WSAV:configuration

    • Load the config file on your new WSAV:

      • loadconfigmy_config_file.xml


    New and modified cli commands

    New and modified CLI commands


    New cli commands loadlicense

    New CLI commands: loadlicense

    loadlicense

    • Reads a license file from a file or cut and paste

    • Verifies the validity of the license

    • Creates and installs the new feature keys

    • Removes old feature keys


    New cli commands showlicense

    New CLI commands: showlicense

    Showlicense

    • Show data about current license, including expiry date

    vm10c02esa0120.eng> showlicense

    Virtual License

    ===============

    vln VLNWSA171717

    begin_date Sun Jan 15 00:00:00 2012 GMT

    end_date Sat Jan 15 16:06:49 2028 GMT

    company Ironport Test Company

    seats 17

    serial 12B

    email [email protected]

    issue fe8f1761f1a94463bc9ddbcf03569805

    license_version 1.0


    Modified cli commands version

    Modified CLI commands: version

    Version

    • For virtual appliances, this command will show CPU and memory of appliance, along with limits


    Modified cli commands ipcheck

    Modified CLI commands: ipcheck

    ipcheck

    • Platform

    • Serial No.

    • RAM reported in MB


    Modified cli commands featurekey

    Modified CLI Commands: featurekey

    Featurekey

    All feature keys currently active on appliance & remaining time on license


    More information for ses

    More Information for SEs

    • WSAV Questions? Contact [email protected]

    • ESAV Questions? Contact [email protected]


    Questions

    Questions


  • Login